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EXAMINING THE PRESIDENT’S PLAN 
FOR ELIMINATING WASTEFUL SPENDING 
IN INFORMATION TECHNOLOGY 


TUESDAY, APRIL 12, 2011 

U.S. Senate, 

Subcommittee on Federal Financial Management, 
Government Information, Federal Services, 

AND International Security, 

OF THE Committee on Homeland Security 
AND Governmental Affairs, 
Washington, DC. 

The Subcommittee met, pursuant to notice, at 10:35 a.m., in 
room SD-342, Dirksen Senate Office Building, Hon. Thomas R. 
Carper, Chairman of the Subcommittee, presiding. 

Present: Senators Carper and Brown. 

OPENING STATEMENT OF SENATOR CARPER 

Senator Carper. The hearing will come to order. Welcome one 
and all, especially to our witnesses today. Thank you for your prep- 
aration. Thank you for your presence. We look forward to your tes- 
timony and the opportunity to have a good conversation. 

We will be joined by some of our colleagues as we get into today’s 
hearing, but sort of as a precursor to today’s hearing, I was driving 
in to the train station this morning and flipping back and forth be- 
tween radio stations, and I happened to come across a song where 
the Rolling Stones were singing, “Hey, You, Get Off Of My Cloud.” 
[Laughter.] 

How appropriate. We usually do not have theme songs for our 
hearings, but if we did, that actually might work. We actually want 
to get people on the cloud, as I understand it, and hopefully when 
we leave here today I will understand better what all that is about. 

But our hearing today will examine the President’s plan to fun- 
damentally transform the management of our Federal information 
technology (IT) assets. The message of the plan is clear: We need 
to cut what we cannot afford and nurture an environment in which 
innovative and more cost effective technologies can be employed 
throughout our government. 

As I have said time and again in this room and other places, we 
need to look in every nook and cranny of our Federal Govern- 
ment — domestic, defense, entitlements, tax expenditures — and ask 
this question: Is it possible to get better results for less money? Or 
is it possible to get better results for the same amount of money? 

( 1 ) 
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The hard truth is that many programs’ funding levels will need 
to be reduced. Even some of the most popular and necessary pro- 
grams out there will likely be asked to do more with less or more 
for the same amount of many. 

Many Americans believe that those of us here in Washington are 
not capable of doing the hard work we were hired to do, and that 
is, to effectively manage the tax dollars they entrust us with. They 
look at the spending decisions that we have made in recent years 
and question whether the culture here is broken. They question 
whether we are capable of making the kind of tough decisions that 
they and their families make with their own budgets. And I do not 
blame them for being skeptical. 

I am afraid that their skepticism has proved well founded when 
you look at the kind of avoidable management failures that we 
have incurred in Federal information technology over the past dec- 
ade or so. The past mismanagement of our Nation’s $80 billion an- 
nual Federal information technology is not only intolerable, it is 
unsustainable. 

Late last year, then the Office of Management and Budget 
(0MB) Director Peter Orszag said that fixing the broken manage- 
ment of our Federal Government’s information technology was — 
and this is a quote — “the single most important step we can take 
in creating a more efficient and productive government.” 

I am going to say that again, “the single most important step we 
can take in creating a more efficient and productive government.” 

Based on the information that 0MB has released as a part of its 
review, I believe he may be correct. The failures of information 
technology management in the Federal Government have in some 
cases been spectacular. For example, the Government Account- 
ability Office (GAO) found in January of this year that those run- 
ning the National Archives electronic records investment had not 
been able to identify potential costs and schedule problems early 
and, as a result, failed to take any action to address them. 

GAO estimates that because of these failures in one troubled 
project — one troubled project — taxpayers will lose somewhere be- 
tween $205 million and $405 million. That is real money where I 
come from. 

Today we will look at the President’s 25-point plan to turn this 
ship around. The goals are ambitious, and so are the timelines. 
That is a good thing. 

Under the direction of our first Federal Chief Information Officer 
(CIO), Vivek Kundra, the plan is to be fully implemented within 18 
months of its introduction. That is May 2012, if you are keeping 
score at home. But the various goals are broken down into 6-, 12- 
, and 18-month increments. Today I am particularly interested in 
hearing how we are progressing toward those 6-month goals. 

The President’s plan centers around three main initiatives: 

First, the plan fosters a cultural shift aimed at making the man- 
agement and implementation of large Federal IT projects more ef- 
fective and more efficient; 

Second, the plan pushes the Federal Government to adopt cheap- 
er, better, and faster technologies; 

And, third, the plan demands that we shed or consolidate the du- 
plicative and wasteful Federal data centers in our inventory. 
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The plan is a positive first step in tackling the institutional and 
systemic problems that have plagued Federal information tech- 
nology management for years. It may not be perfect, but the Presi- 
dent and Mr. Kundra should be commended for taking on this chal- 
lenge, and I commend you today. 

We look forward to hearing from our witnesses today, about how 
we are progressing toward these goals, how agencies are respond- 
ing, and what those of us here in Congress can do to help make 
this a successful venture. 

Today I am also happy to say that my colleagues, as they come 
along, will be asking their questions, and if they really want to give 
a statement, we will let them, but my guess is they will probably 
just want to get right into the flow with questions and answers. 

But my colleagues Scott Brown, Senator Joe Lieberman, and 
Senator Collins have joined me in introducing legislation called 
“The Information Technology Investment Management Act of 
2011.” This legislation calls for greater transparency when it comes 
to the cost and performance of our Nation’s information technology 
investments so that American taxpayers can see how their money 
is being spent. 

It also demands that agencies and the Office of Management and 
Budget be held accountable for a project’s failure and work either 
to fix them or end them. The time for lazy or wasteful management 
of these expensive investments is over. We are going to demand 
that projects be on time, on budget, and deliver on their promises. 
If they do not, we are going to bring them to a halt. We are going 
to end the pattern of throwing good money after bad. 

I hope that our witnesses will include in their testimony today 
some brief thoughts and comments about our legislation. We al- 
ways welcome constructive criticism. 

And with that said, I want to introduce just very briefly the first 
panel of witnesses. A couple of you have been before us more times 
than you want to remember. If we had to pay David Powner for 
every time he has been before us, the budget deficit would be a lot 
bigger, so we appreciate especially your being here. 

Our first witness today is Vivek Kundra, who serves as our Na- 
tion’s first Federal Chief Information Officer. Mr. Kundra is re- 
sponsible for directing the policy and strategic planning of Federal 
information technology investments as well as for oversight of Fed- 
eral technology spending. Previously, Mr. Kundra worked as Chief 
Technology Officer for the District of Columbia and as Assistant 
Secretary of Commerce in Virginia under Governor Tim Kaine. 

Our next witness is David McClure — Mr. McClure, good to see 
you — who is the Associate Administrator in the Office of Citizen 
Services and Innovative Technologies for the U.S. General Services 
Administration (GSA). Mr. McClure works to advance GSA’s re- 
sponsibilities in serving the American people through open and 
transparent government initiatives and by identifying new tech- 
nologies to improve government operations and service delivery. 

Our final witness for this panel is Mr. David Powner, who is the 
Director of IT Management Issues in the U.S. Government Ac- 
countability Office. As Director, Mr. Powner is in charge of GAO’s 
analysis of Federal IT investments, health IT, and cybersecurity 
initiatives. Again, we welcome you. 
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I am going to recognize Mr. Kundra to proceed first, and you are 
welcome to summarize your testimony. All of it will be made part 
of the record, and then once the three of you have concluded, we 
will start with some questions. Again, welcome. Thank you so 
much. And thank you for your leadership. 

STATEMENT OF VIVEK KUNDRA, i FEDERAL CHIEF INFORMA- 
TION OFFICER AND ADMINISTRATOR FOR ELECTRONIC 

GOVERNMENT AND INFORMATION TECHNOLOGY, OFFICE 

OF MANAGEMENT AND BUDGET 

Mr. Kundra. Good morning. Chairman Carper and Members of 
the Subcommittee. Thank you for the opportunity to testify on our 
efforts to eliminate wasteful information technology. 

Effective management of IT is essential in serving the American 
people, protecting our national security interests, and keeping 
America competitive in the global economy. That is why for the 
past 26 months we have focused on reforming Federal IT to crack 
down on wasteful spending and boost performance. 

Through relentless oversight, we have delivered $3 billion in life 
cycle cost reductions. We are eliminating duplicative infrastructure 
and have saved millions of dollars through game-changing tech- 
nologies and approaches such as cloud computing. 

On December 9, 2010, we published the “25-Point Implementa- 
tion Plan to Reform Federal IT Management,” our blueprint to ad- 
dress the structural barriers that get in the way of consistent exe- 
cution. We have segmented the reforms into 6-month increments 
with concrete deliverables. I would like to highlight our progress 
over the past 124 days in each of the five key reform areas. 

First, we are applying light technologies and shared solutions to 
allow agencies to optimize spending and invest in their mission- 
critical needs rather than duplicative infrastructure. 

Since 1998, the Federal Government has seen the number of 
data centers grow from 432 to more than 2,000. To reverse this 
unsustainable growth, we are actively shutting down 800 data cen- 
ters by 2015. Additionally, we have shifted to a Cloud First policy 
that allows agencies to pay only for the resources that they are ac- 
tually using. 

Second, we are strengthening program management because no 
matter how effective our technologies and policies, the success of 
our most complicated, high-profile, and expensive programs rests 
on the shoulders of effective program managers. Yet too often these 
programs are managed by individuals randomly pulled across the 
government who lack the training to successfully deliver. That is 
why we have created the IT Program Manager Career Series to at- 
tract the best talent and to make sure that we are cultivating the 
top performers. 

We have also seen universities like George Mason University 
(GMU) and the National Defense University (NDU) stand up pro- 
grams that focus on case studies so we do not repeat historical fail- 
ures. 

Third, we are aligning the budget and acquisition process with 
the technology cycle to make sure that programs are not out of date 


^The prepared statement of Mr. Kundra appears in the appendix on page 47. 
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the moment that they are launched. The budget process forces 
agencies to specify in great detail what they are going to be build- 
ing out 24 months before they can even start a project. The acquisi- 
tion process routinely adds another 12 to 18 months. We have ana- 
lyzed funding models across the Federal Government to identify 
the necessary changes to the legal framework for IT funding that 
enables successful modular development and to help contain the 
rise in infrastructure costs. We look forward to working with Con- 
gress to consolidate commodity IT funding under agency CIOs and 
to develop budget models that align with modular development. 

Fourth, we are strengthening governance and improving account- 
ability because for too long we have witnessed runaway projects 
that waste billions of dollars that are years behind schedule. That 
is why we have scaled the same model that reduced project life 
cycle costs by $3 billion and turned it around poorly performing 
projects. Already 129 agency employees have been trained and 23 
agencies have implemented the TechStat model to tap into the in- 
genuity of the American people and the collective talent of State 
and local governments. We have open-sourced the very software 
code that the IT Dashboard was built upon and the TechStat 
model. Thirty-eight States, including Delaware and Massachusetts, 
and multiple countries have reached out to express interest in 
adopting these tools to improve transparency and accountability. 

And, fifth, we are increasing engagement with the industry to 
demystify the procurement process and dispel common misconcep- 
tions regarding the acquisition regulations. We debunk the top 10 
myths in IT procurement, and we are building a pre-Request for 
Proposal (RFP) platform to help overcome the ties that may occur 
between agencies and certain vendors. The platform will give agen- 
cies access to the most innovative solutions and provide a small 
business the same opportunities that an industry titan has. 

Over the past 124 days, we have focused on execution rather 
than just policy development. We must continue to buildupon the 
progress to date and scaled practices that we know work to make 
Federal IT perform at the level the American people expect. The 
Federal Government must be able to provision services more like 
a nimble startup and leverage smaller technologies that require 
lower capital outlays. 

I would like to thank the Members of this Subcommittee and 
their staff for putting IT management front and center and helping 
transform the landscape of Federal IT. 

Thank you for the opportunity to testify. I look forward to any 
questions you may have. 

Senator Carper. Great. Thank you for that testimony and for the 
work that it represents. Thanks so much. Mr. McClure, welcome. 
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STATEMENT OF DAVID MCCLURE, i ASSOCIATE ADMINIS- 
TRATOR, OFFICE OF CITIZEN SERVICES AND INNOVATIVE 

TECHNOLOGIES, U.S. GENERAL SERVICES ADMINISTRATION 

Mr. McClure. Good morning, Chairman Carper and Senator 
Brown. Let me introduce myself. I am Dave McClure from the 
GSA. I would like to talk about the GSA role in the IT reform 
agenda this morning. 

I really want to summarize three main points that I make in my 
written statement. 

Point No. 1 is that the 25-point IT reform plan and the Federal 
Cloud Computing Strategy issued by Vivek are veiy constructive, 
and they are sorely needed steps forward in improving the way IT 
is acquired and managed. GSA’s role in this agenda is very clear. 
We focus on shared, lightweight technologies, and simplifying the 
provisioning of IT services on demand so that we can accelerate 
agencies’ access to modern technology, get solutions in the hands 
of users faster, and lower costs. 

Cloud computing is at the forefront of these innovative tech- 
nologies today. As Vivek has noted, it offers compelling advantages 
when, like any other technology implementation, it is done well. 

Cloud computing is already here in the Federal Government, and 
it is an inevitable trend from a technology marketplace perspective. 
Many agencies have started implementing cloud solutions and 
found significant savings. We have documented many on our public 
web page, Info.Apps.gov. 

The return on investment has been lower IT operating costs, im- 
proved operational performance, better service delivery, and in- 
creased agility in provisioning changes to computing needs. 

Point No. 2, GSA plays a strong governmentwide leadership in 
supporting the adoption of cloud computing in the Federal Govern- 
ment. The Federal Cloud or Project Management Office (PMO), is 
housed in my office at GSA, and we have the lead in facilitating 
new innovative cloud computing procurement options, ensuring ef- 
fective cloud security and standards are in place, and identifying 
potential multi-agency or governmentwide use of cloud computing 
solutions. 

Our cloud computing PMO is active, engaging, and productive. 
My written statement outlines six cloud-related activities. I just 
want to focus on three of them briefiy. 

Let us start with the Federal Risk and Authorization Manage- 
ment Program (FedRAMP) is being established to provide a stand- 
ard security approach for assessing and authorizing cloud com- 
puting services and products. Currently this process in the govern- 
ment is expensive, it is time-consuming, it is a heavy paper-driven 
process exercised inconsistently across the government. An average 
Assessing and Authorizing (A&A) costs up to $180,000 and requires 
up to 6 months to complete. FedRAMP will allow joint authoriza- 
tions and increased use of continuous security monitoring services 
for government and commercial cloud computing systems. 

Because we can achieve a more consistent security baseline and 
a common interpretation, we can leverage the work of one agency 
for another, or as we say, approve once and use often. This should 


^The prepared statement of Mr. McClure appears in the appendix on page 53. 
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help reduce cost, it should enable rapid acquisitions, and it should 
reduce the overall effort of the government in this area. 

I might add that we have developed this with hroad consensus 
in the government, involving that National Standards and Tech- 
nology (NIST), the Department of Homeland Security (DHS), the 
Department of Defense (DOD), the National Security Agency 
(NSA), and various commercial industry consortia. 

Another important governmentwide initiative is infrastructure as 
a service. Each year the government spends tens of thousands and 
millions of dollars on IT products and services, heavy focus on 
maintaining the current computing infrastructure needs and de- 
mands. We have established a Blanket Purchase Agreement (BPA) 
with 12 companies, many with multiple partners who offer storage, 
computing power, and Web site hosting as commodities. The bene- 
fits include commodity type pricing for services, allowing customer 
to easily compare prices across vendors. It also offers standardized 
technical and security requirements that companies are required to 
meet across the entire government. 

The third area is cloud-based e-mail. We chose to tackle perhaps 
one of the most ubiquitous business technologies in use by all Fed- 
eral agencies: e-mail. Using a governmentwide working group, we 
again took a collaborative approach to building a procurement vehi- 
cle. Once it is released and concluded, services will be offered to 
Federal customers via a Blanket Purchase Agreement. I think it 
will accommodate a range of robust, feature-rich e-mail services in 
public, private, and highly secured clouds. 

So my final point is this: GSA is also walking the talk. A lot of 
what we are doing internally within GSA is also very robust in the 
cloud space. We are putting in one of the first cloud-based e-mail 
systems in the government. We expect a savings of over $15 million 
in 5 years. We are reducing our own data centers from 15 to 3 by 
2015. We estimate a $2 million annual reduction in data center 
costs as a result. And we host perhaps some of the most visible 
Web sites, public Web sites in government, including USA.gov, 
which is the Nation’s portal or front door into the Federal Govern- 
ment, as well as Data.gov, which is one of the first public-facing 
government Web sites to be successfully deployed in a cloud envi- 
ronment. 

We also host a lot of open-source sharable code solutions that 
lower the cost and help implementations in areas like Chal- 
lenge.gov, where challenges and contests are being run by Federal 
agencies. 

So I hope this offers you a brief flavor of what we are doing at 
GSA to improve the IT outcomes in the government. Again, thanks 
for having me here for testifying. 

Senator Carper. Mr. McClure, thank you for testifying. 

Mr. Powner, welcome. Thank you. 
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STATEMENT OF DAVID POWNER,i DIRECTOR OF INFORMA- 
TION TECHNOLOGY MANAGEMENT ISSUES, U.S. GOVERN- 
MENT ACCOUNTABILITY OFFICE 

Mr. PowNER. Chairman Carper, Senator Brown, we appreciate 
the opportunity to testify this morning on IT acquisitions. Chair- 
man Carper, I would like to thank you for your oversight of Federal 
IT acquisitions. Your many hearings highlighting the wasteful 
spending in this area has led to many improvements in Federal 
agencies and at the Office of Management and Budget. 

Senator Carper. Very nice of you to say that. Thanks very much 
for being a big part of that. 

Mr. PoWNER. 0MB plays a key role in this oversight process. In 
fact, 0MB has been required by the Clinger-Cohen Act of 1996 to 
track, analyze, and report to the Congress on IT expenditures, 
which now total almost $80 billion. 

To help carry out this role, 0MB established several oversight 
mechanisms, including lists of troubled projects, starting in 2003, 
that clearly were not as useful or accurate enough to perform the 
appropriate level of oversight. Under Vivek Kundra’s leadership, 
0MB has improved its oversight of and management of IT acquisi- 
tions by: one, creating the IT Dashboard; two, using this informa- 
tion on the Dashboard to hold agencies and CIOs accountable; and, 
three, introducing comprehensive IT reform. I would like to high- 
light each of these efforts and what additional actions are needed. 

First, the Dashboard. In June 2009, 0MB deployed a public Web 
site, known as the IT Dashboard, to improve the transparency and 
oversight of approximately 800 major Federal investments totaling 
about $40 billion. The Dashboard presents information on costs and 
schedule and a CIO assessment, among others. Today, the Dash- 
board shows that nearly 40 percent of the 800 investments are in 
need of management attention due to their red or yellow status. 
More simply put, this equates to over 300 investments totaling $20 
billion that are at risk. 

I would like to repeat those numbers. We have 300 investments 
totaling $20 billion that are at risk. 

In addition to identifying troubled IT projects, the Dashboard is 
an excellent tool to identify duplicative investments, which could 
result in significant savings. We have ongoing work for this Sub- 
committee looking at this duplicative spending. 

Despite the improved transparency, data reliability remains an 
issue, as our work has shown that Dashboard information is not al- 
ways accurate and consistent with agency records. 0MB and agen- 
cies acknowledge this and have a number of activities under way 
to improve the Dashboard and the accuracy of what is being re- 
ported. 

0MB has also improved the management of IT investments 
needing attention by holding TechStat meetings. These meetings 
started in January 2010 and are led by Mr. Kundra and agency 
leadership. Well over 50 of these meetings have been held, and the 
results are impressive. Four projects have been canceled and 11 re- 
structured. 0MB has claimed that this has resulted in a $3 billion 
reduction in costs. 0MB has also identified 26 additional high-pri- 


^The prepared statement of Mr. Powner appears in the appendix on page 62. 
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ority projects that have undergone extensive review, which resulted 
in corrective action plans. 

One of the high-priority projects is the National Archives elec- 
tronic records acquisition that you mentioned, Mr. Chairman. Our 
work for this Subcommittee has highlighted the mismanagement 
and major cost and schedule issues associated with this acquisition. 
It is one of the projects that 0MB is in the process of restructuring. 
Although 0MB has had significant results with its TechStat meet- 
ings and its high-priority projects, many more projects are in need 
of 0MB and agency oversight. 

In addition to the Dashboard and TechStat sessions, 0MB issued 
a comprehensive IT reform plan that includes replicating these 
TechStat sessions throughout the government to improve govern- 
ance and to strengthen program management. Many of the reform 
initiatives are consistent with your many years of oversight in this 
arena and our body of work on IT acquisition. And to its credit, 
0MB has issued aggressive milestones that span the next 18 
months. Now the challenge lies in implementation. 

In summary, OMB’s efforts to improve the transparency of the 
IT Dashboard, to improve IT acquisition execution through its 
TechStat sessions, and its IT reform initiatives are encouraging. 
But the accuracy of the Dashboard information needs to greatly im- 
prove. Even more focus needs to be put on the $20 billion at risk, 
and the major IT reform initiatives now need to be implemented. 

I would like to conclude by commending your leadership, as well 
as Mr. Kundra’s in this area, Mr. Chairman, and I am pleased to 
answer any questions you have. 

Senator Carper. Mr. Powner, thank you so much, and thanks 
again for being a big partner with us in these efforts. 

Senator Brown has another hearing that is going on, and he is 
going to be coming in and out. But I just want to recognize him 
for any comments that he wants to make, and he can go right into 
questions whenever he is ready. 

Senator Brown. Thank you, Mr. Chairman. I am going to stay 
as long as I can. I enjoy this very much, and I appreciate you push- 
ing forward on this. 

I have a statement that I am just going to submit for the record. 

Senator Carper. Without objection. 

Senator Brown. Thank you. 

I might as well start. Mr. Kundra, according to your testimony, 
your high-priority IT project and financial system reviews have led 
to over $3 billion in life cycle cost reductions. How many invest- 
ments were actually reviewed? 

Mr. Kundra. We actually overall looked at over 50 investments. 

Senator Brown. Five-zero? 

Mr. Kundra. Fifty, yes. So these 50 investments, and one of the 
things we focused on was the most troubled investments out of the 
IT portfolio. And the reason we introduced the IT reform plan, the 
25-point plan, was to actually now multiply the same processes 
across every single department and agency within the U.S. Govern- 
ment because the challenges at the end of the day, despite OMB’s 
oversight capabilities, what we want to do is we want to prevent 
these investments from getting to the point where they are years 


VerDate Nov 24 2008 1 1 :00 Feb 17, 2012 Jkt 067128 PO 00000 Frm 00013 Fmt 6633 Sfmt 6633 P:\DOCS\67128.TXT JOYCE 



H605-41331-79W7 with DISTILLER 


10 


behind schedule or hundreds of millions of dollars over budget. And 
that is what we are focused on. 

Senator Brown. By then isn’t the technology obsolete in many 
instances? 

Mr. Kundra. Absolutely. The way that the acquisition processes 
actually work right now and the budgeting process, unfortunately 
we plan out years in advance and end up locking a specific tech- 
nology. And by the time you actually implement some of these tech- 
nologies, they are way out of date. 

Senator Brown. I know in New York City, for example, they 
hired a company, VMware, to come in and actually go and review 
all their IT specifications because there were so many individual 
fiefdoms and they were not connected. They were not efficient. 
They were wasting money. They have apparently saved a tremen- 
dous amount of money through, obviously, the cloud technology and 
that whole new way of doing things. 

Out of the 50 that you did — how many actually are there total 
in terms of the actual investments? You said you looked at — how 
many actually are there? What is the big picture? 

Mr. Kundra. So where we need attention, as Dave Powner point- 
ed out, is about 300 or so investments, and what we are trying to 
do now is to scale the same exact model we used to turn around 
or terminate these poorly performing investments. So the process 
we used was coupling the IT Dashboard where we are shining light 
on what was going on with these investments with what we call 
our TechStat accountability sessions to really drill down on each of 
these investments to make sure that if, for example, you do not 
have a dedicated project manager, if you do not actually have a 
clearer understanding of what the business objectives or goals are, 
or you are in the process of implementing outdated technologies, 
these are huge investments that have a major effect on how agen- 
cies are actually being transformed. 

One of the problems we have seen throughout these sessions is 
that people are looking at these projects at IT projects. But at the 
end of the day, they are about transforming how an agency fun- 
damentally operates. 

Senator Brown. So when you are looking at the — when you say 
$3 billion is or may be saved in part, this is being done by can- 
celing some projects, I am presuming. But how much did we al- 
ready lose with what was already spent on those investments? 

Mr. Kundra. Well, so that is a little more difficult number to 
come up with. To give you an example, with financial systems what 
we did is we looked at the entire life cycle cost of financial systems 
across the Federal Government, and that was about $20 billion in 
life cycle costs. 

The Department of Defense, for example, had a project called De- 
fense Integrated Military Human Resources System (DIMHRS). It 
was their integrated human resource planning system. They spent 
12 years and approximately $1 billion, and we ended up killing 
that project. 

Unfortunately, what we do not want to do is be in a position 
where we are just killing IT projects because at the end of the day 
there is still a business need. They are not just implementing 
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projects because they felt it was a fun thing to do. There is actually 
a business problem. 

So the four that we killed, the real victory in my mind is actually 
the projects, the 11-plus projects that we looked at where we de- 
scoped them. And what I mean by de-scoping is we said instead of 
trying to boil the ocean, where people have bought into this fallacy 
that these enterprise resource planning systems are going to bal- 
ance your books, they are going to track your assets, they are going 
to make you coffee, that you have to actually break these projects 
down into 6-month increments. If within 6 months you cannot 
prove that you have delivered something of value to your cus- 
tomers, then you need to either halt that project or you need to 
fundamentally rethink it or terminate it. And what we are seeing 
with these large enterprise projects is that people are spending 
years, in some cases decades, implementing a project that is not 
working. 

Senator Brown. So did we actually save $3 billion, or did we just 
not lose more money to cost overruns on these actual projects? 

Mr. Kundra. Well, it is a combination of both because where we 
de-scoped the projects in the cases of financial management sys- 
tems like the Environmental Protection Agency (EPA), we actually 
took that project down and cut it significantly lower. And also the 
way we were saving that money in terms of both cost avoidance 
and the original life cycle costs is that there are game-changing 
technologies, new technologies that have emerged since the project 
was originally conceived. 

Senator Brown. It always seems like we are a couple of steps be- 
hind. It seems like the government is an easy mark: Hey, we have 
this new technology, go buy it. And then we invest billions of dol- 
lars in some instances, or at least hundreds of millions, and then 
by the time it actually gets through the process, it gets imple- 
mented, it gets up and running, and it is obsolete. Then we have 
to get the updates and upgrades, and it just seems like we are an 
easy mark. 

I am wondering, in the next 50 investments, is there the poten- 
tial for significant cost savings in the future? Or were these initial 
reviews just kind of picking off the low-hanging fruit? 

Mr. Kundra. I think there are significant opportunities for cost 
savings, in the billions, and here is why. So to your point, one of 
the big problems we see is this huge gap between the public sector 
and the private sector, and the reason this gap exists is because 
the culture in government historically has been that the govern- 
ment must build its own infrastructure, it must own the software 
development. And one of the reasons we are shifting to the Cloud 
First policy essentially is to move away from this philosophy of 
asset ownership to service provisioning. 

So in the same way that a small startup company would go out 
there, and if they are standing up a business, they are not going 
to go out there and build their own e-mail system or their own ac- 
counting system. They are going to go to a company like Quicken 
Books and fire up an accounting system or go to Microsoft or 
Google or any of these other providers and fire up an e-mail sys- 
tem. 
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What we need to do is government needs to operate much more 
like a nimble startup than it does today, where we are engaging 
in these multi-year, multi-billion-dollar IT projects. That is what 
we are doing with GSA, putting in place these governmentwide 
procurements that actually will allow us to provision the services. 

Senator Brown. Just in closing, and then I will turn it back to 
the Chairman in Massachusetts we have amazing companies that 
deal with this stuff every day, and it is second nature. We have the 
technology leaders in the world. And we are in the government, 
and it is like we are sometimes in the Dark Ages. I am sure this 
is not the first time we have had a hearing on this stuff. It is my 
first experience on it. But I know you have been working on it for 
years. 

At what point do we actually start to realize these billions of sav- 
ings, I mean, real dollars that can be used in other areas, espe- 
cially now? 

So that was more of a statement than a question, but I would 
like to come back. Thanks, Mr. Chairman. 

Senator Carper. Thanks very much. 

Senator Brown and I hold a lot of hearings in here, and what we 
focus on is how do we get better results for less money. That is 
really what we do. That is our bumper sticker — how to get better 
results for less money. And when you think about IT projects, 
sometimes we do not really focus on what we are trying to do is 
get better service, better results for less money. 

Give us a couple of examples, and I do not care who leads off, 
but give us a couple of examples where you actually can say these 
are some projects where we actually got a whole lot better results 
for less money, or a little better results for — better service, maybe, 
for not a lot more money. Can you give us a couple good examples? 

Mr. McClure. Yes, I would be happy to start. In my case, we 
have been one of the first to move into the cloud computing envi- 
ronment, for example, and I mentioned USA.gov, which is the pub- 
lic portal for the Federal Government. By moving it into a cloud 
environment, we are able to save an estimated $1.7 million a year 
in computing costs because we moved into a more agile computing 
environment. We were able to provision changes to that system in 
hours as opposed to months, which means I could change the Web 
site and its features very quickly. And, third, it allowed me to use 
people in a different way. Rather than monitoring and running the 
infrastructure that we owned, I actually could turn them over to 
doing more mission-based and I think more value-added types of 
services. 

So for us it was a cost savings, it was an agility to move faster, 
and I was able to free people up to do more value-added work. And 
I think that is a common occurrence across many of the implemen- 
tations right now. 

Senator Carper. All right. Good. Some other examples, please. 

Mr. Kundra. On something as simple as e-mail services, the U.S. 
Department of Agriculture (USDA), with 120,000 employees, and 
the General Services Administration (GSA), with 17,000 employees, 
moving e-mail over to the cloud, what they were able to save is 
over $40 million. Something as simple as a Web site, what the Re- 
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covery Board did is they saved $750,000 by just moving to the 
Amazon cloud. 

Health and Human Services (HHS), by looking at electronic 
health record grants, moving over to a sales force implementation, 
they cut their costs by 60 percent. 

So we are seeing huge savings, and it is not just in dollars. Part 
of what is happening is we keep building duplicative infrastruc- 
tures, so the numbers you look at in terms of data centers, we went 
from 432 to more than 2,000, and part of the reason is because peo- 
ple have been so focused on building duplicative, redundant infra- 
structure rather than lifting up and saying how do we make sure 
that in the same way the American people, when they go and book 
a ticket, whether it is for a flight or a concert or making a reserva- 
tion at a local restaurant, that experience is so much better than 
when they are dealing with the government. And the reason is be- 
cause the government is so focused on the duplicative infrastruc- 
ture, and we are trying to abstract all of that so we can get the 
government to focus actually on the customer experience rather 
than investing billions of dollars in this duplicative infrastructure. 

Senator Carper. I have not counted the number of times that 
“cloud” has been used in our testimony or our responses to ques- 
tions, but there are a lot of people who are following the hearing 
today have no idea what you are talking about. Why don’t you just 
step back — actually somebody had it in their testimony, a little def- 
inition at the bottom of the page, what we are talking about, which 
I do not know if it would be all that helpful to too many people. 
Just make it real simple and easy for folks to understand. 

Mr. Kundra. Sure. So the most basic way to think about cloud 
computing is if you look at the progress that was made throughout 
this Nation, it used to be that every house had its own well and 
had its own electrical generation system. But as technology 
evolved, we ended up with an electrical grid, we ended up with a 
water distribution system. So now what happens is, when you are 
at home, whether you are plugging in a mixer or a TV, you con- 
sume the electricity that you are actually using rather than to have 
to pay for all that infrastructure. 

In the same way, cloud computing from a technology perspective, 
the simplest way to think of it is that the government is going to 
be able to pool its demand and actually dynamically allocate re- 
sources or use resources so that we are not paying for resources 
that we are actually not using. 

Senator Carper. A friend of mine tried to explain it to me not 
long ago, and he said, “Do you have kids that are old enough to 
drive?” I said, “Yes, we have a boy 21 and one 22.” And he said, 
“Are they away at college?” I said, “One is, and one is actually in 
another country.” He said, “Do they ever come home?” I said, “Well, 
they do.” And he said, “How many vehicles do you have?” I told 
him, and he said, “Do you need more vehicles when they come 
home?” And I said, ‘Yes, we do.” And he said, “What do you do, 
go out and buy a new vehicle so that when they come 2 or 3 weeks 
out of the year their car is there for them to use?” And I said, “No. 
We actually rent a car.” He said, “Well, that is kind of like what 
this is.” So that helps me understand it. 
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I want to try to draw an analogy here and use this analogy as 
a way to get to sort of get why do we have this prohlem. It has 
been pervasive throughout the Federal Government. We spend so 
much money for these projects. Some of them work quite well, and 
too often they do not. 

We held a hearing here 2 weeks ago, and the focus of our hearing 
was major weapons systems cost overruns. And as it turns out, 
GAO told us 10 years ago, in the year 2000, that our major weap- 
ons systems cost overruns was $42 billion. And GAO testified 2 
weeks ago that our major weapons systems cost overruns is $402 
billion. It went from $42 billion in 2000 to $402 billion last year. 

And as we drilled down on why that was happening, we got a 
couple of answers. One of those is that sometimes the technologies 
that are being proposed to use on these weapons systems are what 
they call immature, meaning they have not really been fully devel- 
oped. 

Second is the agency, the military branch, or service may not 
have fully figured out what they want, and they continue to do 
modifications to the projects. We call it “project creep.” 

The third thing is we do not necessarily do the best job of mak- 
ing sure the acquisition folks with experience are bird-dogging 
these projects and that they have the kind of clout that they need 
in order to blow the whistle when things are going wrong. 

We had an example from a fellow named John Young, who was 
the top person in the Bush Administration, the second term, for ac- 
quisition, and we had one of his deputies, his top deputy for acqui- 
sition. He is an Assistant Secretary for Defense. We said, “Talk to 
us. How long have you been in your position?” He said, so many 
months. And we said, “What kind of turnover did you get from your 
predecessor?” And he said, “Well, I did not get any turnover. My 
predecessor left 18 months before I did.” We said, “No kidding.” 

“Tell us about your direct reports. How many direct reports do 
you have?” And he said he was supposed to have six, and only two 
were filled. 

So here is like the top person really in the Department of De- 
fense whose job it is to make sure we are getting our money’s 
worth. There is an 18-month lapse between when he comes in and 
the guy before him left, and only two out of six direct reports were 
there. So it turns out the guy who is in that position today in this 
Administration, his nomination was held up for 15 months — 15 
months before he was actually allowed to go to work. So those are 
the kinds of problems that have led to $402 billion cost overruns. 

When you drill down on it, how have we gotten into the situation 
that we are in where we have $80 billion worth of projects and 
maybe a quarter or so are at risk? I do not know, maybe, David, 
this is good one for you, Mr. Powner. 

Mr. Powner. Yes, well, a couple things. One is — and I think a 
lot of this is tied to Mr. Kundra’s IT reform plan. You could start 
with program management. There clearly needs to be strengthened 
program management across the government where, to your point, 
we define what we want well up front; we have a way to manage 
risks. 

But on top of that program management level, what happens 
many times — and it has been the subject of many hearings that 
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you have held, for instance, like what happened at the Census Bu- 
reau — we have a lack of executive accountability. Many times when 
a project gets in trouble, they blame the program manager instead 
of a key executive who should be overseeing that, including the 
CIO. And I think when you look at Vivek’s reform plan, one of the 
five major areas is governance. There needs to be better govern- 
ance over these projects from an executive point of view. In fact, 
that is what Vivek is attempting to implement through his 
TechStat sessions. 

So, Senator Brown, to your point, yes, we have held over 50 
meetings, and we have saved $3 billion. But your chart up there 
shows that there are 300 that need attention right now, and if we 
projected that, I mean, there could be $20 billion of savings if there 
is any success like he has had on those first 50. 

Senator Carper. All right. Anybody else want to take a shot? 
What I want to make sure is that we figure out what the problems 
are, the major problems are, and to make sure through executive 
action and through legislative action that we are actually going 
after the root problems. Mr. McClure. 

Mr. McClure. Yes, I think Dave hit it on the head. It is govern- 
ance and program management, but those have been the same 
problems that we have been pointing to for the last two or three 
decades in Federal IT. 

I think what this Administration is doing is trying to focus pro- 
gram management and governance on transparency. You have to 
get this stuff out in the open in terms of the status of projects. It 
cannot be buried in an agency. It has to be a fact-based assess- 
ment, not an emotional appeal. And it has to be near real time. We 
cannot do this reporting months after something has already oc- 
curred. 

And, finally — and I think Vivek is doing this with TechStat — 
these things have to be focused on problem solving, not reporting. 
We can report, but we still miss what do we do to fix it. So I think 
we have to change the agenda to problem solving. 

Senator Carper. Good. That is a good point. 

Mr. Kundra, before I yield back to Mr. Brown, Senator Brown, 
go ahead. 

Mr. Kundra. Chairman Carper, I still recall my very first meet- 
ing with you when I started, and one of the things you pointed 
out 

Senator Carper. Was it that bad? 

Mr. Kundra. It was great. You actually highlighted the need for 
reforms, and one of the things I did after I met with you is studied 
history, went back to 40 years of challenges in Federal IT manage- 
ment. And I do not think contractors wake up every morning and 
say, “Hey, how are we going to make sure we mess up Federal IT 
this morning?” And I do not think government employees wake up 
every day and say, “How are we going to go out there and make 
sure these projects fail?” 

Part of what we saw was that the efforts over the last 40 years, 
a lot of it was very much around policy, and there has been great 
policy historically in place. But the challenge was a lack of a focus 
on execution. And the hearings that you have had have been tre- 
mendously helpful, and the fact that you have reached out to agen- 
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cies to get them to improve the data quality, as Dave mentioned, 
the first thing we wanted to do is just shine light. And what we 
did when we launched the IT Dashboard is we actually put up a 
picture of every CIO right next to the project they were responsible 
for. 

Senator Carper. No kidding. 

Mr. Kundra. With how they were doing in costs 

Senator Carper. I always joke about when you look up in the 
dictionary, you look up a particular word, you have somebody’s pic- 
ture. 

Mr. Kundra. Absolutely. And I was Public Enemy No. 1 for a 
couple of weeks, but I think very quickly we realized by shining 
light all of a sudden we were exposing some of the major issues 
around IT projects. 

And in the 25-point plan, we highlight some of the challenges 
and areas that we need to focus, but I would point to one signifi- 
cant area where I think improving or moving the ball from would 
make a tremendous difference, which is around program manage- 
ment, as both David Powner and David McClure have mentioned. 
If you think about multi-million-and multi-billion-dollar IT projects 
and government officials that are charged with managing them, 
and if you compare that to other industries such as aviation, medi- 
cine, and firefighting, you do not set foot on a 777 unless you have 
gone through a simulator and hundreds if not thousands of hours 
of training. You do not get to operate on your first patient unless 
you have gone through medical school, a residency program with 
attendings. Or if you are a firefighter, you actually practice fire 
drills on actual fires before you go out there and put out your first 
fire. 

We have not done that historically when it comes to program 
management, and I think that is a key area of our reform agenda. 

Senator Carper. Great. Thank you. Senator Brown. 

Senator Brown. Thank you. 

So, Mr. Powner, just touching base, Mr. Kundra says $3 billion 
in estimated saving, and GAO says $3 billion in estimated cost 
overruns. So does that mean we are basically at square one or are 
we actually realizing real savings that we can actually put back 
into the Treasury and use in other areas? 

Mr. Powner. Well, I think it is probably a mixed bag, as Mr. 
Kundra mentioned. I think when we eliminated some of those 
projects — there were four that were terminated — I think those are 
real savings. The restructuring, that is a little uncertain about how 
much real savings there are there. But, again, it probably — the use 
of that money moving forward is — we are familiar with some of 
those projects that are restructured, like the National Archives 
project. That is a good move. 

So a couple points here, though, in terms of savings. If we are 
really after savings, I think looking at those troubled projects is 
one way to go. There is probably another way if you look at — I am 
going to shift gears just real quickly here. Senator Brown. When 
you look at the Dashboard — and we are doing this work for this 
Subcommittee right now. You could look at duplicative spending 
associated with that Dashboard, so there are over 5,000 systems 
that we are investing in. I can tell you right now that there are 
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over — in Fiscal Year 2011 we are funding over 550 financial man- 
agement systems at $3 billion. So the question is: Does the Federal 
Government need over 550 financial management systems? 

And I can go right down the line. I could tell you 

Senator Brown. I think you know that answer. 

Mr. PowNER. Right. And I can give you example after example. 
So not only do we need to improve the performance of what we are 
spending money on, but there is potential for duplication when you 
start looking within and across agencies. There are 600 H.R. sys- 
tems in the Federal Government that we are funding. The Fiscal 
Year 2011 funding is $2.5 billion on 

Senator Brown. That is out of control. 

Mr. PowNER [continuing]. On 600 H.R. systems. Those are the 
things that really need further investigation. 

Senator Brown. So noted. Mr. Chairman, that is your next hear- 
ing. 

Senator Carper. Our next hearing. [Laughter.] 

Senator Brown. Thank you. 

How will GAO be tracking the performance of these initiatives 
going forward? 

Mr. PowNER. Well, in terms of — a couple things. Looking at the 
performance of these projects, we continue to do work on an every- 
six-month basis, we report on the Dashboard, how those numbers 
are changing, and the accuracy and reliability of what is being re- 
ported. And then on those duplication numbers, we are doing work 
for the Subcommittee where we will be laying out, by functional 
area, how many investments there are and what the total dollars 
are. And it will raise questions about what is being done to manage 
that more effectively. 

Senator Brown. So you can certainly make recommendations, 
but you do not have any teeth at all to really drop a hammer down 
and say, hey, listen, you have to stop this. You are making the rec- 
ommendations to us, and then we are going to take it up the food 
chain. Is that a fair statement? 

Mr. PoWNER. Yes, clearly, most of our recommendations go to de- 
partments and agencies, and right now Mr. Kundra and I work 
very closely together on some of these governmentwide issues, and 
I will say that there is a lot going on in his shop right now. But 
clearly your oversight hearings help with action on those items. 

Senator Brown. And I know, obviously, with any type of projects, 
it takes leadership. And, Mr. Kundra, what is your plan? Do you 
plan on staying on as the Federal CIO until the plan is seen 
through? 

Mr. Kundra. Well, we are focused on executing the plan, obvi- 
ously, and I am committed to making sure we are executing. As a 
matter of fact, at the end of this month we are going to be cele- 
brating the accomplishments at each of the agencies where they 
have delivered. But what is important here is I can stay on as long 
as it is necessary, but what is really, really important in my mind 
is that this plan, the way we have engineered it, it is not depend- 
ent on any single individual. Because at the end of the day, as you 
correctly point out, those 300-plus investments, every CIO in every 
major department needs to be as focused on execution as we are 
within the White House. 
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Senator Brown. And when you are looking — I know the IT In- 
vestment Management Act that Senators Carper, Collins, 
Lieherman, and I are introducing today takes some steps to codify 
some of your office’s successful initiatives, such as the IT Dash- 
hoard and TechStat sessions. What else can we do, any other sug- 
gestions, to ensure the success of this plan moving forward? 

Mr. Kundra. I think. Senator, one of the areas that will he real- 
ly, really helpful, as Dave points out, some of the duplication, is 
how we look at funding across the Federal Government. And what 
I mean by that is the way Congress appropriates funding is bureau 
by bureau, department by department. I see a huge opportunity 
here in terms of being able to look horizontally across the Federal 
Government, and whether it comes to the 2,000-plus data centers 
or hundreds of whether it is financial systems or H.R. systems, and 
to take a step back and fundamentally rethinking how we are fund- 
ing IT across the Federal Government. And second would be to ac- 
tually empower departmental CIOs by consolidating at least com- 
modity IT. And when I say commodity IT, what I mean by that is 
these financial systems, H.R. systems, e-mail, data centers, 
desktops, putting that authority under the departmental CIO, I 
think we will see huge results. And we have case studies such as 
the Veterans Administration (VA) where we are beginning to see 
a much better outcome in terms of the commodity assets. 

Senator Brown. How do you maintain a robust security of the 
Federal computer networks when you are moving to the cloud sys- 
tem? How do you make sure that we maintain that high level of 
security? 

Mr. Kundra. Part of what we are doing actually is looking at 
how we contract when we begin to move a lot of these systems over 
to the cloud. And what I mean by that is already today, if you look 
at 4,700-plus systems, they are outsourced. And we specifically 
specified in terms of contracting language how the systems are 
managed and what the security requirements are. 

Second, one of the things we are doing with cloud computing is 
we are trying to make sure that we get real-time data feeds on the 
security posture of these providers so that the Department of 
Homeland Security and Chief Information Security Officers can 
analyze the data and make sure that we are very aware of what 
is going on as far as the security posture of those systems are con- 
cerned. 

And, third, we are making sure that we come up with a common 
set of controls, which is going to be the floor, the minimum set of 
controls that are technical in nature, that we can constantly mon- 
itor to make sure that if we are being attacked in any way or if 
those systems are being compromised, that we have that informa- 
tion on a real-time basis. 

Senator Brown. Mr. McClure, you have been kind of shy today, 
so I figured I would ask you a question. [Laughter.] 

GSA has taken a lead role in the Cloud First rollout. How is GSA 
assisting agencies in this effort? 

Mr. McClure. Well, through a couple of mechanisms. One, as I 
think Vivek pointed out, we are putting in contractual arrange- 
ments through our Blanket Purchase Agreements (BPAs) on things 
like infrastructure as a service and e-mail that are cloud based. It 
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allows really the agencies to purchase or provision these services 
in a very cost competitive way and much quicker than going 
through a full and open competition process. So we have done all 
the vetting. We have looked at the vendors. We have qualified 
them as being competent in space. We have done the security re- 
views. The agencies can purchase what they need from a mission 
perspective. 

The second thing, I think, that we do is actually put together the 
FedRAMP program that Vivek is referring to, working across gov- 
ernment, not just GSA, but we are trying to put a simpler, more 
effective, more complete security review for the government that is 
consistent across government and then leverage that once it is done 
rather than repeating them over and over and over again. 

So I think that will tremendously increase the speed by which we 
can get some of the technology solutions in place. 

Senator Brown. Mr. Powner, one final. What are the biggest se- 
curity risks moving forward toward cloud-based IT services? 

Mr. Powner. Well, clearly, security is a great concern. I would 
add that, like any project moving forward, you need to define your 
security. One option, moving to the cloud, if a commercial cloud is 
not adequate, there are private clouds you could move toward also 
with greater security. 

Senator Brown. Thank you Mr. Chairman. 

Senator Carper. Cood questions. 

Maybe a question for Mr. McClure and for Mr. Kundra. The 
President’s plan contains, I believe, 25 action items, and 14 of them 
are set to be completed within, I believe, 6 months of the plan’s 
issuance. There are about 2 months left on the first crucial timeline 
that has been set. 

I guess my first question to both of you would be: Do you think 
we are on schedule for those 14 items? And if not, which ones do 
you think we will not accomplish and why? 

Mr. Kundra. Sure, as I think with 124 days behind us and I be- 
lieve about 58 days to go, part of what we are really focused on is 
three areas: 

One, in terms of making sure we are working with Congress on 
the budget flexibilities, I think that is an area given that Congress 
has been very focused on the 2011 budget and now the 2012, we 
have not made as much progress as I would have liked on moving 
forward in that direction. 

The second area that we are very, very focused on right now is 
actually on the program manager path, the career track. I think we 
are in good shape there. We are very focused in terms of shutting 
down the 800 data centers. We have already identified over 100 
data centers that agencies have zeroed in on that could be shut 
down this calendar year. We are making a lot of good progress 
on 

Senator Carper. What do you do? Do you ask the agencies to 
help identify them? Is that the way it is working? 

Mr. Kundra. So we have actually put together a Data Center 
Consolidation Task Force, and that task force is zeroing in on each 
of the departments, and we are looking for opportunities to consoli- 
date, not just within departments but across the Federal Covern- 
ment. And so those are the data centers that we want to shut 
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down, but we want to move forward very, very aggressively to 
make sure that assets that are not being utilized, there is no need 
to waste taxpayer money on them. 

Senator Carper. As the Postal Service struggles with trying to 
figure out how to be vibrant and play a critical role in the 21st cen- 
tury, they are looking to close down not just post offices but also 
distribution centers. And there is a pushback. Are you getting 
pushback on these efforts to close the data centers? Or is it pretty 
much a fait accompli? 

Mr. Kundra. I think once we release the locations and the 
names, I am sure there is going to be a lot of robust discussion 
back and forth. 

Senator Carper. OK. 

Mr. Kundra. But I definitely expect that we will be before this 
Subcommittee talking about this. 

Senator Carper. All right. Good enough. 

Mr. McClure, any thoughts on that question? 

Mr. McClure. Yes, I think some of the things that I discussed 
in the statement today are helping the Cloud First strategy. The 
infrastructure as a service offering, the cloud e-mail offering, the 
ability for agencies to get software in the cloud off of our apps.gov 
Web site — these are all helping the agencies meet, I think, the 
Cloud First deadlines that the Administration has set. 

We also are helping create a pre-RFP collaboration platform so 
that industry and government can actually talk about solutions be- 
fore we enter into the laborious contracting and procurement proc- 
ess. I think that will be very helpful. 

The final area I think we are helping is in data consolidation in 
that we do a lot of the leg work for Vivek and collecting a lot of 
the information. And we can step back with Vivek and look, similar 
to what Dave is doing, on where we see real opportunities for cloud 
and consolidation across government, not just within a single agen- 
cy but across government, and that is really where I think a lot of 
progress can be made as well. 

Senator Carper. OK. I think you have spoken to this. I am going 
to drill down on it just a little bit more. Each agency is supposed 
to identify three must-move systems to the cloud within the first 
3 months of 2011, and let me just ask again. Have all the agencies 
met this goal? I think you may have responded, but have all the 
agencies met this goal? 

Mr. Kundra. Yes, they have submitted — I think we have about 
75 systems that have been identified that will move to the cloud, 
and part of what agencies are doing right now is making sure that 
they are looking at their security requirements, procurement strat- 
egies, to actually begin migrating over to the cloud. 

Senator Carper. All right. Thank you. 

Again, another question for Mr. Kundra and Mr. McClure. I am 
sure you are both aware of news over the past couple of days con- 
cerning Google’s claim that their Apps for government cloud prod- 
uct received Federal Information Security Management Act 
(FISMA) certification and accreditation from GSA. According to 
press reports, the Department of Justice (DOJ) notified Google in 
December 2010 that its Apps for government was, in fact, not 
FISMA compliant. To help provide some greater clarity on this 
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issue, I would just like to ask both of you, if you would, to comment 
on the recent reports and discuss how 0MB and GSA are address- 
ing the concerns that are raised by them. 

Mr. McClure. Sure, I would be glad to bring some clarity to it. 
In July 2010, GSA did a FISMA security accreditation for Google 
Apps Premier. That is what the Google product was called, and it 
passed our FISMA accreditation process. We actually did that so 
that other agencies could use the Google product, and we do one 
accreditation, and it is leveraged, again, across many agencies. 

Since that time, Google has introduced what they are calling 
Google Apps for government. It is a subset of Google Apps Premier. 
And as soon as we found out about that, as with all the other agen- 
cies, we have — what you would normally do when a product 
changes, you have to recertify it. So that is what we are doing right 
now. We are actually going through a recertification based upon 
those changes that Google has announced with the Apps for gov- 
ernment product offering. 

Senator Carper. Mr. Kundra, any comment, please? 

Mr. Kundra. Well, from an 0MB perspective, we do not actually 
get involved in individual procurements. We are more focused on 
the broader policy around this shift to cloud computing. 

Senator Carper. All right. I appreciate what you both have said 
here today, but given the potentially serious nature of the news, I 
have asked my staff to followup with your offices today on this 
issue so we can try just to get to the bottom of it. And I would also 
like — I am going to ask that you respond to any questions for the 
record that the Members of the Subcommittee may have on this 
same issue. 

Another one for Mr. Kundra and Mr. McClure and then I will 
close it with a short question for Mr. Powner. 

Today the continuing resolution (CR) introduced in the House, 
H.R. 1473, gives, I believe, $8 million to the Electronic Government 
Fund. This fund, which is often referred to as the E-Government 
Fund around here, pays to operate the IT Dashboard, 
USAspending.gov, among other things. And I understand that your 
original request was for around $34 million. 

Given this steep cut, will the E-Gov Fund continue to operate as 
it has in the past? Or can we expect some of these Web sites to 
go dark? 

Mr. Kundra. Well, I think given the original request versus 
where we are right now, we are still evaluating the implications, 
but we are going to have to make some tough decisions around 
which systems are going to have to go offline versus what can be 
supported with the $8 million fund. Since this is very recent news, 
we have not had a chance to actually sit down and prioritize sys- 
tems. 

Senator Carper. All right. Senator Brown has already asked a 
question about what further can we do to be helpful, supportive, 
and constructive, and I am going to come back to that and ask you 
what will be really the last question I ask of you. But before I ask 
that — and you have given us some thoughts already, but I want to 
just ask you to reinforce and re-emphasize some of your points. 

In each of your minds, what are the metrics for success for the 
President’s plan? What are the leading indicators that the Con- 
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gress and the American people can look to in, say the next 14 or 
so months to tell us if we are successful or not? Mr. Powner, do 
you want to go with that first? 

Mr. Powner. In terms of the IT reform plan, I would say getting 
more of those projects into the green would be one large area, and 
also in the data center arena, the goal to reduce 800 data centers 
by 2015, that in the next year or 18 months, to Mr. Kundra’s point 
that we are making progress on that, that is a stretch goal, but the 
stretch goals are very good. 

Senator Carper. Good. All right. Mr. McClure. 

Mr. McClure. Well, I think the IT reform plan covers so many 
different things that there are a lot of different ways to look at the 
measurement of its success. For example, we know we need to, as 
Dave has mentioned, and Vivek, that we need to improve program 
management in the government. That is not something you solve 
overnight. So some of these will have longer-term success measures 
than others. But I think the real things for us to focus on and we 
are focused on is looking at real cost savings. No. 1. No. 2, making 
sure as Vivek goes through the TechStat that poorly performing 
projects cease or at least they are repaired or fixed before they pro- 
ceed. And then, last, I think the measures for IT that are really 
golden are whether it is improving the business, the operations of 
government. 

So we really ought to be looking at the operational metrics of 
government and the service delivery of our programs. That is what 
IT is supposed to be helping do. 

Senator Carper. All right. Good. Mr. Kundra. 

Mr. Kundra. I would say three quick things. 

No. 1 would be to improve the yield on file $24-plus billion we 
spent on infrastructure, whether that is through shutting down the 
800 data centers or shifting to cloud. 

Second would be to make sure that the money we are spending 
on large-scale IT projects that we actually terminate, turn around, 
or halt poorly performing projects that could yield billions in sav- 
ings. 

And third, I think creating an ecosystem where we introduce 
Darwinian pressure as far as startup companies and innovative 
technology companies that can come and compete for Federal busi- 
ness. 

Senator Carper. All right. Thanks. 

Senator Brown, while you were out of the room, I told the panel 
that the last question I had for them is really one that you have 
already asked, but it is a real good question, and I just want to 
come back to it again. It is one I often ask panels in discussions 
of this nature. 

Again, just re-emphasize for us, underline for us the things that 
we need to continue doing on our side as one of the three branches 
of government to get to, in this arena, better results for less money. 
Mr. Powner. 

Mr. Powner. Well, a couple points here. Mr. Chairman, we have 
been at this for many years, but right now we have the best trans- 
parency we have ever had with the IT Dashboard. So I think your 
bill that would codify some type of — where that transparency con- 
tinues, that is clearly needed. And also, each year that we are up 
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here, we are always talking about hundreds of projects totaling 
near $20, sometimes $25 billion at risk — that has not changed over 
the years. We now have probably the best reform plan we have 
ever had, so in terms of the best transparency and the best plan, 
now is the time to execute to those plans. So I think your oversight 
hearings focused on those areas, along with your legislation, is very 
helpful. 

Senator Carper. All right. Thank you. Mr. McClure. 

Mr. McClure. I would agree totally. I think the role of the Com- 
mittee in shining transparency on exactly what is happening in the 
government is a change lever that the Congress needs to utilize as 
much as it possibly can. 

Second, I think the budget process is a difficult one in the tech- 
nology area because we assume that technology projects magically 
begin and end within a budget cycle, and many can but not all do. 
And yet we restart or recalibrate the discussion through the budget 
process. So aligning some of the budget needs with the technology 
cycles I think is something that the Congress should look at as 
well. 

Senator Carper. All right. Thank you. Mr. Kundra. 

Mr. Kundra. I think, Mr. Chairman, you are commended to real- 
ly bringing a focus on Federal IT, which is not necessarily the sexi- 
est subject in government. So I really appreciate the focus that you 
have brought over the many years. 

The areas that I think would be really, really helpful, I think the 
bill that you focused on and what I have seen working with your 
teams, seems to be transformational. 

Second would be the focus on the budget authorities; especially 
consolidating commodity IT under departmental CIOs would be ex- 
tremely helpful in moving this conversation forward. 

Senator Carper. Great. All right. That is very helpful. Thank 
you. 

Senator Brown, any last questions before we excuse this panel? 
All right. Gentlemen, thank you so much for joining us today and 
for the good work that is going on, and let us just not relent. Let 
us keep it going. Thanks so much. 

All right. Panel No. 2. I like to say we were saving the best for 
last, but those first guys were pretty good. We will see. 

The first witness on our second panel is Steve O’Keeffe, Founder 
of MeriTalk Online, a Government IT network that focuses on driv- 
ing the Government IT dialog. A 20-year veteran of the Govern- 
ment IT community, Mr. O’Keeffe has worked in both government 
and industry. In addition to MeriTalk, Mr. O’Keeffe has founded 
Telework Exchange, GovMark Council, and O’Keeffe & Company. 
Nice to see you. Welcome. 

Rishi Sood — is that correct? 

Mr. SooD. Yes. 

Senator Carper. Has your name ever been mispronounced? 

Mr. Sood. Every day. 

Senator Carper. OK. All right. Hopefully not here. Mr. Sood is 
Vice President of Gartner Incorporated, a major information tech- 
nology research and advisory company. Mr. Sood has spent the 
past 17 years at Gartner, but his recent focus has been dedicated 
to cloud computing and cybersecurity policy in government. 
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Our final witness is Mr. A1 Grasso, President and Chief Execu- 
tive Officer of MITRE Corporation. Nice to see you. MITRE Cor- 
poration is a leading not-for-profit organization which provides 
high-level analysis and information related to information tech- 
nology and modernization. 

We welcome you all. Thank you for your preparation and your 
willingness to spend this time with us, and we look forward to 
hearing your testimonies. Again, your entire statements will he 
made part of the record. If you would like to summarize, that 
would be just fine. 

I am told we are going to have a vote at noon, high noon, so that 
will give us an opportunity to complete each of your testimonies, 
and then what I will probably do is just run — if we only have one 
vote, I am just going to go to recess for a few minutes, run and 
vote, and then come back and we will ask a few questions. 

Mr. O’Keeffe, would you like to lead us off? Thank you. 

STATEMENT OF STEPHEN W.T. O’KEEFFE, i FOUNDER, 
MERITALK 

Mr. O’Keeffe. Thank you. Senator Carper. 

Senator Carper. What did you say? 

Mr. O’Keeffe. Thank you. 

Senator Carper. I am just kidding. [Laughter.] 

You were not born in Mississippi, were you? 

Mr. O’Keeffe. No, I was not born in Mississippi. Just next to it. 

Thank you for the opportunity to testify here today. It is great 
to be back. My name is Steve O’Keeffe, and I am the Founder of 
MeriTalk, the online Government IT community. We are here 
today to talk about OMB’s 25-point plan to fix Federal IT, and I 
would like to start with a quick comment about cloud computing, 
which is central to OMB’s plan. 

As you mentioned, this is not Mick dagger’s cloud that we are 
supposed to get off. In fact, many Federal agencies have already 
jumped on the cloud. This is not pie in the sky, if you will pardon 
the puns. Cloud 

Senator Carper. That is pretty good. I think you are on a roll 
here. 

Mr. O’Keeffe. Here we go. Cloud 

Senator Carper. You are going to be a tough act to follow. I hope 
you guys are taking notes. 

Mr. O’Keeffe. I will be here all day. 

So cloud is delivering very real savings and enhancing agility at 
Federal agencies like National Aeronautics and Space Administra- 
tion (NASA), Jet Propulsion Laboratory (JPL), Department of 
Health and Human Services (HHS), and the Securities and Ex- 
change Commission (SEC). This is not experimental stuff. These 
are very real savings. 

So maybe to kick off, why should we modernize Government IT? 
The Federal Government currently spends north of $80 billion, 
with a “B,” on IT. That is a lot of jingle — 33 percent more than the 
gross state product of Delaware, incidentally. 


^The prepared statement of Mr. O’Keeffe appears in the appendix on page 80. 
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Despite talk about doing more with less, these numbers continue 
to grow. I have been in the Government IT community for over 20 
years, and every year the budget seems to go up. 

Agencies are spending nearly half their IT budgets, some $35.7 
billion, supporting legacy technologies in need of modernization. 
And so to the 25-point plan. Like many others, my first review of 
OMB’s 25-point plan ended in confusion. Twenty-five points. Real- 
ly? When I was a small boy in school, I had profound challenges 
remembering the Ten Commandments, and, of course, there were 
only 10 of those. 

As we did last year for the Committee’s open government hear- 
ing, MeriTalk launched a survey of the Federal IT community to 
get government and industry perspectives on the 25-point plan. We 
asked respondents to rate each point of the plan based on whether 
it was, one, desirable and, two, doable. And taking a leaf out of 
Ross Perot’s book — for those people who remember the election — we 
have charts again, and I think those are in front of you. Senator 
Carper. 

The net up-front is that the community feels that all points are 
desirable, but there are some serious questions about executability. 
Interestingly, government employees are less optimistic about 
doability than their industry counterparts. 

We asked the community to rate each point in the 25-point plan, 
and as you can see from the All Respondents chart, the 
scattergram, the community does not place equal value on all 
points. Interestingly, the evolutionary, nurturing and easy-to-un- 
derstand points score best — Katie doing Vanna White here — with 
Point 7, design a formal IT program management career path, top- 
ping the charts. 

The most revolutionary initiative rated lowest. See Point 3, 
Cloud First. 

Other disruptive initiatives did not fare that well either: Point 1, 
data center consolidation, hit roughly in the middle of the pack. 
And Point 2, enabling a governmentwide marketplace for data cen- 
ter availability scored poorly as well. 

Now, let us look at civil versus defense. As you can see in the 
charts, civil and defense respondents march very much in lockstep. 
Point 7, design a formal IT program management career path, and 
Point 10, launching a best practices collaboration platform, top the 
charts. Interestingly, civilian agencies are more focused on Point 
16, reducing barriers to small innovative technology companies, a 
point that Vivek hit pretty hard, I think. Due to their dynamic mis- 
sion, defense agencies have embraced this approach long ago. DOD 
demonstrates a greater appetite for shared services as well as opti- 
mism for executability. 

Now to government versus industry. Interestingly, with the ex- 
ception of government being less optimistic about the ability to de- 
liver, government and industry are almost precisely on the same 
page. The exceptions include that industry prioritizes Point 8, re- 
quirement to scale IT program management career path, as well as 
Point 15, requirements to issue guidance and templates to support 
modular development. It is no great surprise that these points are 
important to contractors that are interested in getting it done. 
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Closing out the survey, we asked what one thing would respond- 
ents recommend that the government do to improve Federal IT. 
Both government and industry suggested that we attach account- 
ability to objectives. Other hot recommendations: allow CIOs to re- 
tain funds they save, eliminate unfunded mandates, and reduce the 
number of objectives. Clearly, less is more. 

The net take-away from the study: To increase the impact of ef- 
forts to fix Federal IT, we need to simplify the message and focus 
on the three C’s — consolidate, connect, and calibrate. 

Consolidate: Less is more. 

Connect: The Federal Government’s senior IT professionals are 
not equipped for nor experienced at driving change. We need to 
communicate the why, how, and what it means for your career in 
order to successfully operationalize desired change. 

Calibrate: We need to set goals that we really can and mean to 
measure, and we need to follow through on measurement and hold 
executives accountable. We need to recognize that the changes on 
the table are not easy. We should set realistic timelines, and we 
need to establish venues and tools to support Federal IT profes- 
sionals as they move through the profound changes. 

If the definition of insanity is doing the same thing and expecting 
a different outcome, then Mr. Vivek Kundra deserves high praise 
for introducing much-needed new thinking into Federal IT. Federal 
IT professionals estimate that data center consolidation and cloud 
can drive upwards of $14 billion, again with a “B,” in efficiency 
savings. 

Mr. Kundra is asking for $25 million to fund the Federal IT 
fixes. The return on investment on this $25 million is hundreds of 
dollars for pennies invested. The point here is not that we should 
focus on the easiest or most popular initiatives. 0MB needs to 
prioritize and focus hardest on the programs that offer the highest 
return on investment. That means cloud and data center consolida- 
tion. We need to listen to feedback from the community, set a clear 
vision, and build an operational framework to realize the changes 
that we seek. 

Thank you for the opportunity to testify. 

Senator Carper. We thank you. Thank you very much. 

Mr. Sood, please proceed. 

STATEMENT OF RISHI SOOD,i VICE PRESIDENT, GOVERNMENT 
VERTICAL INDUSTRIES, GARTNER, INCORPORATED 

Mr. SoOD. Chairman Carper and distinguished members of the 
Subcommittee, thank you for the opportunity to speak to you today. 
My name is Rishi Sood, and I am Vice President of government re- 
search at Gartner. Gartner is the world’s leading information tech- 
nology advisory and research firm and is a valuable partner to 
60,000 clients and 11,000 distinct organizations, including the Fed- 
eral Government. 

In examining the President’s plan, I would like to focus on the 
growth in Federal IT spending, the elements of the plan that will 
have an immediate impact, and reform issues that will be impor- 
tant over the long term. 


^The prepared statement of Mr Sood appears in the appendix on page 93. 
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To begin with, Federal IT spending has exploded over the past 
decade. According to my research at Gartner, traditional IT spend- 
ing by Federal Government organizations was approximately $32.2 
billion in 2001. This year it will reach $80.1 billion. This is an in- 
crease of over 248 percent over the past 10 years. 

While much of this IT expansion is justified by growing Federal 
operations, insufficient analysis has been given to the cost effec- 
tiveness of IT spending. Additionally, some of the spending in- 
creases have not been effectively coordinated, resulting in some 
cases in technology sprawl across the Federal Government. 

Given this dramatic rise in Federal IT spending, there are a 
number of questions that need to be addressed. What is the value 
and cost effectiveness of IT spending? To what extent is account- 
ability adequately built into the IT spending? And what steps 
should be taken to invest the right amount in the right applications 
while avoiding costly mistakes? 

While these questions are always important, they are even more 
important in light of the current budget battles and fiscal con- 
straints that will affect Federal IT spending. Not only will Federal 
agencies face slower growth in IT spending over the next decade, 
but there also may be cutbacks to current levels of IT spending. 
Urgent action is needed to improve IT spending because reforms 
will take time to show results. 

In the end, however, the value of IT comes from the impact of 
technology on government operations, increased productivity, lower 
cost of service delivery, and increased customer service. To succeed 
in these times, government must harvest the upside potential of IT 
while limiting the downside risk of implementation failures. 

Let us discuss some of the parts of the reform that will have an 
immediate impact. 

President Obama’s 25-point reform plan is a strong path forward 
to align the needs of Federal Government organizations with budg- 
et realities. The reform creates guardrails needed to guide tech- 
nology operations while continuing to promote innovation and ac- 
countable technology use. In many respects, the reform plan lays 
the initial foundation needed to answer the questions raised ear- 
lier: value, accountability, application size, and mix. 

Several of the areas of the reform plan will likely be most impor- 
tant for Federal technology management practices. These include: 

No. 1, the focus on an empowered CIO position. Empowered 
CIOs are needed to set enterprise goals, push standardization 
through the organization, and drive more efficient technology use. 
By strengthening the CIO position, there will be greater account- 
ability for achieving targeted agency goals. 

No. 2, move to a data center consolidation plan. The increase in 
data centers across the Federal Government has been dramatic. 
The task now is to consolidate these data centers to drive down 
costs and increase efficiency. Harvesting economies of scale is crit- 
ical for the effective allocation of information technology invest- 
ments. 

And, No. 3, the focus on shared services. The move to shared 
services provides an important means for Federal agencies to maxi- 
mize the value of technology, create a services-led approach to tech- 
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nology delivery, and build more efficient IT services across the gov- 
ernment enterprise. 

Now let us look at some of the longer-term reform issues in front 
of us. The President’s reform plan includes other strategically im- 
portant goals that will likely require a longer time horizon to im- 
plement. These include additional investments in government per- 
sonnel. The Federal Government will need to invest in Federal con- 
tract officers, acquisition officers, and program managers to drive 
and execute real change in procurement, acquisition, and manage- 
ment of technology projects. 

No. 2, technology vendor outreach, partnerships, and buy-in. An 
effective technology and service provider community is an essential 
part of Federal success with IT. As larger reforms take root, it will 
be vital for the Federal Government to increase its outreach to the 
vendor community, continue to work in partnership approach with 
this community, and to secure a strong buy-in for the changes 
ahead. 

And then. No. 3, an agile approach to IT. One of the most dif- 
ficult yet important aspects of the reform plan involves building a 
modular approach to technology investments. This will span mul- 
tiple parts of the technology life cycle and will likely require more 
effective and detailed use of newer methodologies, like EVM and 
PPM, to support these goals. 

In addition to the issues described above, it will be important for 
Federal officials to recognize the following: 

No. 1, timing. The reform plan includes goals for 6-, 12-, and 18- 
month time periods. While these goals are laudable, they may be 
overly ambitious. The Federal Government is an enormous enter- 
prise, and it is difficult to achieve significant structural changes in 
a short time horizon. 

No. 2, assisting agencies through the change. While some agen- 
cies have embraced the changes proposed, other agencies may be 
more resistant to change. As the reform plan moves forward, prop- 
er incentives and disincentives will be critical in moving agencies 
in a cohesive fashion. 

And then. No. 3, technology as a silver bullet. In the end, it must 
be recognized that information technology represents the best 
mechanism to improve government efficiency and lower the cost of 
service delivery. Consequently, IT must remain an important area 
of continued aggressive investment. The critical issue now is to pro- 
tect and incentivize the IT reforms noted here so that Federal IT 
will maximize results while minimizing mistakes. 

Thank you for your time, and I look forward to your questions. 

Senator Carper. Thanks. That was great testimony. Thank you 
so much. 

Mr. Grasso, welcome. Very nice to see you. 
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STATEMENT OF ALFRED GRASSO,i PRESIDENT AND CHIEF 
EXECUTIVE OFFICER, THE MITRE CORPORATION 

Mr. Grasso. Thank you. Chairman Carper, Senator Brown, hon- 
orable Members of the Subcommittee, thank you for giving me the 
opportunity to appear in front of you today on this very important 
topic. 

As you mentioned, my name is Alfred Grasso. I am President 
and CEO of the MITRE Corporation. Our company’s 50-plus years 
of experience, contributions, and accomplishments have given us a 
perspective that I believe is highly relevant to the topic of informa- 
tion technology planning and management. 

Information technology-intensive programs operate in an envi- 
ronment of rapid technology evolution where new generations of 
technology are introduced in months rather than years. Unfortu- 
nately, currently the Federal acquisition processes and budget cy- 
cles are not well matched to these timelines. OMB’s 25-point plan 
is a positive step in the IT reform process. 

As I observe the state of IT management in the Federal Govern- 
ment, I am struck by the amount of attention paid to the failures 
versus time analyzing the successes for critically important lessons. 
There is a strong tendency to impose new policies, processes, and 
reporting requirements in an effort to avoid future failure. These 
requirements introduce a burden that reduces agility, imposes 
costs, and delays the delivery of capability. 

In an interesting study conducted at the Defense Acquisition 
University, students determine that a “null program” — that is, a 
program that delivers absolutely nothing but satisfies mandatory 
reporting and process requirements — takes about 3 years to com- 
plete under the current rules. A system that requires 3 years to de- 
liver nothing is clearly fundamentally flawed. 

The 25-Point Implementation Plan to Reform Federal Informa- 
tion Technology Management is based on practices that work. We 
applaud 0MB, Mr. Kundra, and the Federal CIO Council’s leader- 
ship on this topic. However, experience leads us to observe that ad- 
ditional steps can be taken both to enable successful implementa- 
tion of the plan and to expand on some of the important goals de- 
fined in it. With that in mind, enduring change will require the fol- 
lowing: 

First, establish IT governance that includes authorities and flexi- 
bilities where they best contribute to the success or failure of these 
programs, without losing transparency into how these portfolios are 
performing. 

Second, build and empower PMOs by incentivizing and profes- 
sionalizing key management and technical roles to motivate people 
to adopt these roles as careers, not simply jobs. 

Third, define and build IT capabilities that are both secure and 
resilient. 

The first step is to establish a governance model that combines 
a comprehensive portfolio management and budgeting approach 
with close coupling to the end user. The goal from my experience 
is to provide the authority for CIOs to manage their budgets as a 


^The prepared statement of Mr. Grasso appears in the appendix on page 98. 
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portfolio, with the flexibility to shift resources to address changing 
needs, changing technology, and increasing agility. 

Fundamentally, the problem is this: The investment decision 
process occurs 12 to 24 months before the budget is actually made 
available, but the scoping, planning, and foundational technical 
work necessary to make a sound investment decision cannot be 
taken that far in advance and without some limited budget author- 
ization. The 25-point plan proposes to work with Congress to re- 
align this process, and we agree that is an important thing to do. 

I strongly encourage Congress to take the necessary steps to re- 
align the budgeting model and allow CIOs and portfolio managers 
to exercise the strategic decisionmaking that their peers in the pri- 
vate sector have had for years. 

In addition, the plan raises the need to align the delivery and 
technology cycles through incremental delivery. Again, I agree. 
However, it is critical that the increments be defined by sound, up- 
front architecture and systems engineering and the timing of incre- 
ments be linked with the operational tempo. Sound systems engi- 
neering performed early in a program’s life cycle has a strong cor- 
relation with improved project cost estimation and schedule plan- 
ning. Likewise, alignment with the operational tempo ensures that 
technology drops have clear business value and leverage IT infra- 
structure to support future cost-effective delivery of capabilities. 

The second critical step is to establish strong program manage- 
ment offices by incentivizing and professionalizing the key roles for 
successful IT program delivery. In my past testimony to this Sub- 
committee, I emphasized the importance of maintaining strong 
technical and management capabilities within the PMOs. 

It continues to be my experience that successful programs are 
characterized by a strong government PMO capable of acting as a 
strong technical peer with contractor counterparts on systems engi- 
neering topics. The individuals assigned to these program offices 
must view their position as a career and not simply a job. Incen- 
tives play a key role in attracting and retaining competent program 
office personnel. Establishing a career progression gives individuals 
the opportunity to secure greater responsibility and pay commensu- 
rate with increased degrees of proficiency. 

The third area of extreme importance is securing information 
systems and ensuring their resilience. This should be a critical as- 
pect of any investment, and it warrants major investments in its 
own right. All too often security is regarded as an afterthought, 
and all too frequently concerns about system vulnerabilities are 
used to justify making less transformational investments and ad- 
hering closely to the status quo. 

It is critical that the architecture and design of IT systems ad- 
dress both vulnerabilities and the capabilities required to with- 
stand a breach. These factors should be key to the evaluation of 
any IT investment to avoid additional costs downstream. This is a 
topic on which the Federal CIO, the CIO Council, and the Congress 
can provide more leadership. They should send a clear message 
that government information technology investments must not only 
be aligned with business needs, deployed incrementally and man- 
aged properly within budget and schedule, but also must be 
architected, developed, and operated with a clear eye on protecting 
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public and private data and continuing the critical services govern- 
ment performs for the public. 

Achieving the results expected of the 25-point plan requires a 
major transformation that spans many aspects of the Federal Gov- 
ernment’s operations. The many elements of the 25-point plan re- 
flect two sets of related priorities: Adopting new technology that 
enables greater efficiency and establishing an enduring foundation 
of capabilities to plan, manage, and execute IT programs more suc- 
cessfully. I believe the latter represents both the greatest challenge 
and the true imperative. Without the opportunity, authority, and 
resources to accomplish these goals, the success rate in adopting 
new technology will continue to suffer. 

I am supportive of the direction of the 25-point plan as well as 
other similar action plans developed and being implemented across 
many agencies today. I am encouraged by this Subcommittee’s 
clear interest in taking steps to codify methods and operating mod- 
els that we know to be successful and on the increased emphasis 
on develop foundational capabilities that will endure beyond con- 
temporary solutions. 

I believe if these steps are taken, the promise of the 25-point 
plan can be realized, and the priority it lays out will have lasting 
value. 

I respectfully request that my prepared statement be included in 
the record, and I would be pleased to answer any questions. 

Senator Carper. And we will be pleased to make your prepared 
remarks part of the record. 

That was an excellent summary. 

Thank you for your testimony, all of you. It was just superb. 

You may have heard that a vote has started, and I am going to 
run and vote, and we will just recess for a little bit. When I come 
back, the first question I will ask you — ^you can be thinking about 
this. I am going to ask you to reflect on the testimony of each of 
the other two witnesses appearing with you and some things that 
you think that you really agree with or maybe you are not sure 
about. And if there is anything you would like to look back to the 
testimony of our first three witnesses, to comment on what you 
heard there that might be appropriate to raise. We will start with 
that, and we will probably go for about, 15, 20 minutes and then 
adjourn. 

All right. Thanks very much. I will be back in about 10 minutes. 
[Recess.] 

I am going to ask that we reconvene. Thank you for your pa- 
tience and for bearing with us, and now let us resume. 

Just before I left, I indicated that my first question was going to 
be to ask you to reflect on what your colleagues here at the table 
have had to say and for each of you just to do that, and if you have 
any reflections on some of the testimony and the answers that the 
first panel provided for us, I would welcome either of those. 

Mr. Grasso, would you like to lead us off, please? 

Mr. Grasso. Sure. There were several points that have been 
made throughout the day here today that I think are especially val- 
uable, and, in fact, one reflects a question that you asked earlier. 
I think it should be no surprise to anybody that what is presented 
in the 25-point plan is a significant change agenda. And when it 
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comes to change, there is indeed quite a bit of resistance to change 
because it imposes on people’s equities in some cases and threatens 
others. 

So we look at things like data center consolidation and so forth, 
while we have, I think, admirable objectives, there is no doubt in 
my mind as we progress in this area that there will be obstacles 
in achieving those objectives. But I believe, with the proper level 
of leadership, attention, and perseverance, that we could overcome 
those obstacles. 

What we really do need to do is to ensure that the right incen- 
tives are in place for everybody so that we are all moving in the 
same direction. 

Senator Carper. Talk a little bit more about that, please? 

Mr. Grasso. All too often there are individual incentives. Every- 
body around the table is incentivized for their own personal career 
growth for a number of reasons. There are organizational incen- 
tives and there are incentives that are given to contractors in sup- 
porting the activities. 

So if you look at those three different incentives, today many of 
the individual incentives really are less focused on the outcome of 
the activity, and they are more focused on what I would call a ca- 
reer track for an individual. 

If you take a look specifically in the military, the job rotation and 
the assignments a person has been in is more important perhaps 
than staying in an assignment for a long enough period to see an 
outcome fulfilled. So we are finding folks rotating more often than 
should be. 

Inside industry, if you have a successful program manager on an 
important program, rest assured that person will be rewarded from 
a career perspective while on that program and as he or she transi- 
tions out of that program. It is often not the case where someone 
can get rewarded by staying on the same program for a number of 
years beyond what would be typical for that kind of assignment in- 
side of government. So the incentives need to be properly aligned 
to ensure that they are indeed pursuing what they believe to be a 
very strong career track. 

And the last point I would make is the topic of accountability. 
We all need to be accountable for these outcomes, and I think it 
is important to recognize that the successful outcome is one for 
which a number of stakeholders are involved. And there needs to 
be a shared sense of accountability, not just the CIO is accountable 
and he or she will succeed. All of the stakeholders need to share 
that level of accountability and need to be incentivized to do so. So 
I think those are some key points that were made. 

One last point that I think Rishi made is the business value. We 
talk about IT sometimes exclusive of the value that it delivers to 
transform the business and to deliver new capabilities or perhaps 
to deliver current capabilities more effectively. So we need to en- 
sure that the IT community and the mission side are very closely 
connected to ensure that it is delivering the business value that it 
was intended to deliver. 

Senator Carper. Good. Thank you. Those are very good points. 
Thank you. Mr. Sood. 


VerDate Nov 24 2008 1 1 :00 Feb 17, 2012 Jkt 067128 PO 00000 Frm 00036 Fmt 6633 Sfmt 6633 P:\DOCS\67128.TXT JOYCE 



H605-41331-79W7 with DISTILLER 


33 


Mr. SOOD. I think there was really valuable testimony by fellow 
panelist Mr. Grasso here that really focused on sort of the govern- 
ance issues, that focused on really the program management and 
career path issues associated with maintaining this course across 
the Federal Government. I think that is a vital aspect of the reform 
plan, the amount of investment that we are putting back into the 
agencies and the personnel within those agencies. 

I also think Mr. O’Keeffe has provided some really valuable data 
straight from governments directly, straight from the agencies and 
the vendor community directly in really interesting ways, not just 
what we should be doing and what is appropriate and what they 
think is appropriate about the reform plan, but also what is doable. 
And that juxtaposition between what can be done or should be 
done and what can be done over a short period of time I think is 
very valuable. It gives you a sense, I think, as Chairman of this 
Committee, really to look at the level of resistance that might be 
focused on some of the major reform plan items and the need to 
really push and lead those issues forward. 

I just want to make another comment, though, that was specific 
to the earlier panel, the government panel directly, because I think 
they made a number of points which were talking about trans- 
parency about this process, about the fact that you have been dedi- 
cated to holding these hearings and really shining a light, if you 
will, on this process. 

The combination of the IT Dashboard, the combination of the 
TechStat strategies, the combination of the hearings you are hold- 
ing I think truly are making some of those first steps toward re- 
forming the entire process and getting the level of waste and the 
level of efficiency out of the IT pantheon. So I applaud those ef- 
forts. 

Senator Carper. Thanks for saying that. Thank you. Mr. 
O’Keeffe. 

Mr. O’Keeffe. I wish you had told me there was a test before- 
hand. I would have paid more attention. 

Senator Carper. This is a pass/fail course. [Laughter.] 

Mr. O’Keeffe. I think there has been some very valuable testi- 
mony, and the perspectives of my fellow panelists here have been 
terrific. 

I think that the incentive point that Mr. Grasso makes is right 
on the money. We need to look at why people are going to be 
incented, what we refer to as “What’s in it for me” (WIIFM)? 

There are programs that have been launched at various Federal 
agencies where if you uncover savings opportunity, you get to keep 
50 percent of that money. And what has the result been? No sav- 
ings opportunities have been uncovered because they already have 
100 percent of the money, so why would they want to identify a 
program in order to lose half the budget? 

If you look at things like data center consolidation — and John 
Collins has been involved in some of those meetings — we are look- 
ing at the ability to consolidate data centers in other agencies’ data 
centers. Well, we had a data center lead from an agency out in 
Austin, Texas, who said that — he called around to agencies in the 
area in Austin and San Antonio to identify what other agencies 
might have space so he could consolidate into them. And what he 
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found was nobody had any space. Why would they have space? Be- 
cause if they allow him to consolidate into their data center, they 
lose that space and effectively they lose budget. 

So I think we need to look at some of the fundamental incen- 
tives. What are the carrots? What are the sticks? And, importantly 
where is the dog bone here? How are agencies like GSA eating 
their own dog food? Which I think is tremendously important. 

I think Rishi’s perspective in terms of organizations like Gartner 
can provide terrific crossover from what has happened in the com- 
mercial market so we can identify best practices for government, 
which are critical. 

I also think there were some interesting perspectives shared 
from GAO saying there are 600 H.R. systems in the Federal Gov- 
ernment, $2.9 billion. Clearly there is an opportunity for synergies 
and shared services. 

There are 4,700 systems currently outsourced. Vivek mentioned 
that. So when we talk about security, clearly there are security 
issues that exist in the current model. In many circumstances 
agencies are using security as a way not to move to cloud, and I 
have participated in testimony myself where we talked about the 
problems with leaky systems as they exist today on premise. 

I think some of the numbers about how many agencies have 
moved to cloud first are also very interesting. I would be curious 
to get more transparency into that, and also the discussion about 
the 14 items on the 25-point plan that are up in 6 months. I think 
the question about how far we have moved on those is a little un- 
fair inasmuch as we are not sure what funding has been attributed 
to the 25-point plan. 

So I think just overall, as we look at — I am just looking up here 
at the crest above your head: E Pluribus Unum; From many, one. 
And so this notion of what we are trying to do as a Federal Govern- 
ment, I think we need to look at it as, how can we all work to- 
gether in order to move the ball forward? And, critically, as we look 
at cloud computing, E Pluribus Unum really could be a motto for 
cloud computing inasmuch as the notion of everyone doing their 
own thing is not going to solve the problem. We do absolutely need 
to bring the resources together in order to provide a better, more 
effective, more efficient solution, not just for IT but for America. 

Senator Carper. That is great. Believe it or not, your reference 
to those Latin words behind me is giving me an idea for my closing 
thought. So that is good. 

This is really a question for all three of you, if I could, and let 
me just start with Mr. O’Keeffe. First, we want to thank you and 
your team at MeriTalk for the information you were able to provide 
today regarding the agency officials’ feelings about the 25-point 
plan. Very interesting. You find in this detail that both government 
and industry want accountability attached to the objectives of the 
plan, and they also suggest CIOs be able to retain funds that they 
save. 

I want to ask each of you on the panel to discuss these two ideas. 
How do you propose we insert stronger accountability and stronger 
financial incentives into the management of Federal IT? And I will 
ask, Mr. Grasso, for you to lead off, and then I will just say I stud- 
ied as an undergraduate — at Ohio State, I studied some economics. 
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my professors would say not nearly enough, But I got an MBA at 
Delaware and studied a little more economics. But I have always 
been fascinated by how do we harness market forces to drive good 
public policy behavior. I have always been fascinated with that. 

So, Mr. Grasso, when you said in your remarks — I think you 
talked about aligning the incentives. I look at almost everything, 
almost every issue that comes before us here. How do we have the 
incentives aligned? But would you want to take a shot at that? 
How do you propose that we insert stronger accountability and 
stronger financial incentives into the management of Federal IT? 
You have already commented on this a little bit, but you might 
want to add to it. 

Mr. Grasso. Mr. Chairman, this is obviously a very tough topic. 
If we had the answers, we would probably be employing them as 
we speak today. But from an accountability perspective, all too 
often we measure accountability by activity and not necessarily by 
outcome, partly because activity is measurable We could measure 
that you did something and how well you did that something. But 
did all of those activities lead to the outcome that you had desired. 

Senator Carper. I like to say we measure progress — or we 
incentivize progress. 

Mr. Grasso. That is exactly right. So I would say it would be a 
good first step to really develop a set of shared outcomes that are 
defined well enough and not so far into the future that it will be 
several careers before you could achieve those outcomes, but out- 
comes that are indeed measurable, as is in this plan, where you 
have 6-month increments. You are not just measuring progress, but 
there is a very specific, tangible outcome which connects the entire 
community together and would be a shared success for the commu- 
nity. So that means that it is an outcome that has responsibility 
of the developer to deliver something, the user to accept it and to 
start using it, and the test community to ensure that they have a 
program that is in place in the right time sequence. 

If we become more outcome focused than activity focused, I think 
attention to accountability will increase significantly. 

Senator Carper. Good. Thank you. Mr. Sood. 

Mr. Sood. Yes, just to dovetail on Mr. Grasso’s points there, I 
will go back to my written testimony that really focused on the 
business value of IT. I think too often in the reform or in the dis- 
cussions about the reform plan, there has been focus on whether 
Project X or Project Y should be canceled or not and what are the 
cost savings associated with that. 

I think in many respects CIO Kundra made a very important 
point, that when he did the first pass of the at-risk project list and 
took a look at the four that were terminated and the 11 that were 
reformed, if you will, the more important side of that was the 11 
that were reformed because at the end of the day the business need 
is still going to be there for whatever the technology initiative ini- 
tially was there. 

So being able to tie back incentives and being able to tie back 
that process to what is really the impact on the agency’s specific 
business process or the outcome that they are trying to achieve I 
think is a fundamental part of how we look at reform. It is not sim- 
ply about taking the 2,000 data centers and moving them down to 
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a manageable 1,000 or what have you. It is really about how effi- 
cient those data centers are and how much are we leveraging the 
economies of scale in running those data centers so that they are 
impacting real business issues. 

Senator Carper. All right. Thank you. Mr. O’Keeffe. 

Mr. O’Keeffe. I think to accountability, transparency is the an- 
swer. We need better data. The IT Dashboard is a great move. 
There are still some significant fidelity issues in terms of the qual- 
ity of that data. But the best way to drive accountability is trans- 
parency, and I think that has been talked about. We need to con- 
tinue to invest in those resources. 

We need to make sure that we do not make claims about what 
is out there that is not out there. And so if you look at things like 
the subcontractor database that was announced in the Washington 
Post 6 to 8 months ago, the quality of that data still is not particu- 
larly good. So we need to make sure that people are rewarded, 
which goes back to incentives. 

I think that when you look at IT people — and we are hiring them 
right now — they are very difficult — very good quality IT people are 
very difficult to hire, especially if you look at people, for example, 
who are building mobile applications, some of the more progressive 
disciplines. And so the public sector needs to work out how to 
incent these people to work in the government and to stay in the 
government. There are many, many excellent IT people in the Fed- 
eral Government. But if you have a culture where you cannot af- 
ford to hire the best and, candidly, you have significant challenges 
getting rid of people that do not perform, then what kind of culture 
does that breed? 

I think there are many opportunities for the government to 
incent and motivate these IT executives and professionals and 
practitioners. This should not be about the beatings will continue 
until morale improves. And if there are too many unfunded man- 
dates, it is very difficult to get out of bed in the morning and feel 
good about what you are doing. 

So we do not have the ability to open up the pocketbook and just 
lavish money on these people, as many private sector organizations 
are. But we can look at things like telework where we can give peo- 
ple the flexibility to work from home. We can look at some of the 
prizes that are out there right now where we can reward innova- 
tion coming from the government. And I think we also need to look 
at what we are outsourcing. So maybe some of these more inter- 
esting, more engaging projects, instead of outsourcing those to con- 
tractors, we could be looking at providing those exciting projects for 
government employees to work on. 

Senator Carper. All right. All good ideas. Thank you. 

A question for Mr. Sood and Mr. Grasso. In your testimony 
today, you both noted how the President’s plan incorporates a num- 
ber of commercial best practices and attempts to bring them to gov- 
ernment. One example of this is a move to segmented or modular 
development of IT projects. 

What concerns do each of you have about the ability of govern- 
ment to embrace this approach, how we can make sure that agen- 
cies have what they need to make this particular piece of the Presi- 
dent’s plan successful? 
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Mr. Grasso, do you want to lead us off? 

Mr. Grasso. Sure. If we take a look at the technology that we 
are accustomed to in our everyday lives today, whether it be the 
cell phone maybe in your pocket, whether it be the iPad in your 
briefcase, or the laptop, those have become commodities to us. We 
are turning those around anywhere from every 9 months to every 
3 years. But we are able to do so because they are built on a very 
strong foundation and platform that evolves over time, and we do 
not necessarily have to retrain ourselves, nor do we have to re- 
structure our own internal home infrastructure to accommodate 
these things. 

The platform itself is evolving to allow forward interoperability 
of new technologies. It is done because the interfaces are very 
clearly defined. The modularity of components are very clearly de- 
fined, and a marketplace has been created where you have many 
contributors and innovators that are working inside this platform 
and this framework that allow it to evolve. So we believe, I believe 
that it is critical that we are able to do this going forward on the 
government side of the house. 

On the government side of the house we have progressed quite 
a bit, but I come from a world where we buy everything all to- 
gether. If you need to buy a new software system, you buy the 
hardware that goes with it and the infrastructure that goes with 
it then you are evolving the entire thing. You are not building on 
top of a platform. So we need to change that thinking that exists 
today for which fundamentally we need to be interdependent. We 
need to allow service providers to provide that platform, that infra- 
structure, and build the value-added applications on top of it, allow 
that infrastructure to, in fact, evolve on its own and feel confident 
that those interfaces that evolve will allow my future applications 
to also evolve so that I do not necessarily have to design the under- 
lying infrastructure each and every time I upgrade. 

Senator Carper. All right. Good. Thanks. Mr. Sood. 

Mr. Sood. Yes, I would just say that agility with respect to IT 
is going to be the fundamentally most important way by which we 
really reform Federal Government IT spending over the longer 
term. But in many respects, it represents sort of the antithesis of 
the way the Federal Government has historically really looked at 
IT spending. We have looked at these wholesale, big-bang ap- 
proaches typically that last over a 2-year procurement cycle, and 
the items or the requirements that you set up front might be obso- 
lete by the time that procurement cycle is over and done with. 

Having a more agile approach really will change that flexible na- 
ture, that foundational nature of Government IT spending, but the 
problems or the concerns I guess I would have is: How is Congress 
going to adapt the budgeting part to coincide with this agile ap- 
proach to IT? How are we going to invest in the next group of con- 
tract officers, acquisition officers, and program managers that are 
really trained and seasoned to apply some of those techniques to 
their projects? How do we take detailed methodologies like earned 
value management or product portfolio management and really 
apply that to the agile structure so that, to CIO Kundra’s point 
earlier, we do not get into this road where we are finally assessing 
these projects 3 or 4 years later and they have spent $20, $50, $100 
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million without proven results? We need results or at least a re- 
view of results over a much more manageable timeframe. 

Senator Carper. All right. Thanks. 

The last question is, and this would be for everybody: I want, if 
you would, to just think sort of the big-picture here again as we 
close out, and I just wanted you to think outside of what you al- 
ready talked about and ask could you go beyond what you sub- 
mitted in your testimony or even said orally, but are there any 
other final areas of concern in Federal IT reform that are not get- 
ting enough air time? What are the things that might be flying 
under the radar, if any, that could come back to bite us later on 
down the road? We will just close with that one. 

Mr. O’Keeffe, any last thought there on that? 

Mr. O’Keeffe. Well, I think a couple points. Cybersecurity is not 
in the 25-point plan, and the comment from Mr. Kundra is that it 
is baked into everything. Teri Takai, the CIO for the Department 
of Defense, asked that question when the 25-point plan was re- 
vealed, so I think we need to make sure that we are mindful of 
what is going on in security. 

I think the feedback to date on FedRAMP has not been terrific, 
and so there is an opportunity to do better. 

I think it is great that GSA is listening to the feedback from its 
colleagues in government. 

I think the biggest thing to fear is fear itself and that we need 
to recognize this is changing very quickly. This whole community 
is changing very quickly. We need to be mindful of what can be a 
Luddite mentality. The people who oppose some of these changes 
are often referred to as “box buggers,” people that want their PC 
wherever it may be and they want to be able to go touch it. 

If you look at what has happened in the automotive industry, 
there is going to be significant change in industry. At one point 
there were Packards and there were Bugattis and there were a 
whole series of different cars. Tuckers and what you will. And ulti- 
mately we are going to consolidate that in the IT market to a num- 
ber of players that we cannot subsist. 

And I think in closing if we do not change — here was a super- 
power at one time that 

Senator Carper. There was a what? 

Mr. O’Keeffe. There was a superpower at one time that was 
structured under a monarchy and did not really recognize the value 
of democracy. And there was a revolution that you are probably 
aware of, which established a new superpower. And I think what 
we need to do is to recognize that the world is changing, and if we 
try to hang onto the way of the past in our society and also specifi- 
cally in the IT changes that will enable that, then it will not be 
good for our future. 

Senator Carper. All right. Thank you. Mr. Sood. 

Mr. Sood. That is an excellent question, and I appreciate the op- 
portunity to address it. 

I think in many respects we in the Beltway get really focused on 
federally specific issues, and we are very insular in that nature. I 
think in many respects we need to take a step back and see what 
we can learn from others, see what we can learn in the 50 labs of 
innovation that take place across State and local government and 
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see what we can learn from global public sector central govern- 
ments like the United Kingdom or Australia and what they are 
doing with their technology innovation. Or even take some of the 
lessons, as I mentioned in my written testimony, of commercial 
best practices and really not adopt them in government but adapt 
them for the best practices within government. I think that is sort 
of a fundamental issue that we could use more enlightenment on, 
shine more of a spotlight on, as to what are really the innovations 
that are taking place outside of the Federal Government here that 
we could be learning from. 

Senator Carper. OK. Good. Thanks. 

Mr. Grasso, you get the last word. 

Mr. Grasso. Throughout this discussion, I have heard the term 
“compliance” used quite a bit, and I would offer that compliance is 
necessary but it is not sufficient. We need to do things right, but 
we need to also do the right thing. 

So earlier in this discussion we talked about FISMA compliance 
with Google. What I would tell you is when it comes to compliance, 
compliance is often based on a number of experiences and best 
practices and, thus, a set of processes to avoid issues that were 
seen in the past. 

When you look at topics like cybersecurity, if you comply, you 
will avoid past problems. But it is not sufficient because we are 
learning new things each and every day. So we need to do business 
differently. So we need to go beyond simply compliance. We need 
to create an environment where we empower individuals to take 
the initiative, to assume that change, if you are doing the right 
thing, is actually a good thing. 

We talked about incentives earlier. Many individuals are 
incentivized to strictly comply to all of the rules. It puts them in- 
side of a box, if you will, and sometimes while they are doing 
things right per the process, they are not necessarily doing the 
right thing. 

So I think we just need to be very, very careful. We talk about 
this plan being really a plan of change. We need to create an envi- 
ronment and a culture where change is acceptable and that we 
learn from our failures so that, in fact, we can succeed with the 
changes that we plan in the future. 

Senator Carper. Well, my thanks, our thanks really to each of 
you for coming back and testifying before us today and in a number 
of cases and for really giving us a lot to think about and, frankly, 
a lot to help us. 

You mentioned in your last comment there, you mentioned the 
word “culture,” and one of the things that I am endeavoring to do 
and this Subcommittee is actually endeavoring to do, is to try to 
change-bit-by-bit the culture in our government. And I said earlier 
in my opening remarks, I believe I mentioned, a lot of people think 
we operate under a culture of spendthrift, and what we are trying 
to do is to move away from that toward a culture of thrift where 
we really ask the question, “Is possible to get better results for less 
money or for not much more money.” And I think in most cases it 
is. 

One of the ways it has dawned on me is that one of the ways 
to get better results for less money is just by doing a better job in 
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the way we develop and build these IT projects. That can really 
help us a lot. That is sort of a basic concept to understand, but it 
is really true. 

So thank you all. I am going to followup with a few more ques- 
tions in writing. One of the questions I will probably followup in 
writing is: Some of the witnesses said very complementary things 
about our legislation, which Senators Brown, Collins, Lieberman, 
and I have introduced. I really would welcome your thoughts if 
there are some things that are missing or some things that ought 
to be taken out. So we are always interested in constructive criti- 
cism. 

Again, thanks for your testimony and for helping to light the way 
for us here in the Legislative Branch. 

With that, we are adjourned. Thank you. 

[Whereupon, at 12:56 p.m., the Subcommittee was adjourned.] 
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SENATE COMMinXE ON HOWLAm SECUHTTY AND 
GOVEHNMENTAl AFFAIRS 

SOBCOWMETTEE ON FEDERAL FINANCIAL MANAGEMENT, 
GOVEIBURffiNT INFORMATION, FEDERAL SERVICES, AND 
INTERNATIONAL SECURirY 

HEARWG: "ESaHiniDg fte Pre^tet'a Ptan for Eiteiiitttiiig Wftstefol 
Spending in Infomatioa Technol^" 

WASHINGTON - Today, Sen. Tom Carper (D-Del.), Chairman of the Sraate Subconmiittee on 
Fecteral Financial Management, convened the hearing, "Examining the President's Pliui for 
Eliminating Wasteful Spending in Infoimation Technology. " The hearing explored eftbrts by ^e 
Obama Administraticui to rein in the federal govemmeant's infoimadon technology (IT) budget, 
vdiich siirpasi^ $80 billion annually. Vlv^ Kundra, the nation’s first Chief Information Officer, 
delivered testimony on the President's 25-point plan to reform federal IT spending and 
management. The hearing examined the progress being made cm the plan's implementation, as 
well as discussed the federal IT community's response to the plan detailed in a survey 
by Meritelk. 

Few a copy of the A^mistr^on's |^an fo refemm ^eral IT numagement, pl^se chek HERE, 

For mom inform^cm on the hearing or to watch a webc^t of &e hearing, please click HERE . 

A coj^i^Sen. Carper's remarks, as prepared for delivery, fothws; 

"Today's bearing wfli examiae Emident Obama's pteB to fnndameirtalfy transform the 
xnanagemeiit ^ onr federal iaforraari^ assets. The message of Ihe plan is dean 

We need to eiit what we can't afford and aorfoie an cmvhwBmettt hi wMeh h»i<mitive utd 
more cori-effeetive tedinologies am be empfoyed throo^oiit fovemment. 

" A.S I've said time and again, we need to look in evoy nook and enmny of ifoe federal 
government - domestic, defense and entitlements spending along with tax es|>aiditares 
and ask this question, "Is it pomible to get better resuibt for less mon^?" Tbebmrd trstih b 
that many programs' fonding levels will need to be reduced. Even some of the most popnlar 
and necessaiy programs out there will likely be asked to do more with less. 

Am^kans bdkwe tiiat tiiose of us here in Wasbin^on armi't capaMe of ddng the 
bald work we wa% hired to do — thift hi to effeodve^ man^e the tax dolfora tiiey oitrust ns 
wifo. Th^ kok at the spending decisions we've ma^ in recent years and question whefoer 
tiie cttltttra here is broken. Th^ question wbefoer we're capable of making the khd of 
tou^ decisions that tii^ and foeir fomiUes make with tiieir own budgets. 1 don't blame 
them for being skeptical. 
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"And I'm afraid that their skepticism has proved weil-ftHinded when yon look at the kind 
of avoidable management failares that have ocenrred in federal information technology 
over the past decade. The past mismanagmacnt of our nation's billion annual 
federal information technology is not only hrtrierabie - it's unsnstainable. Late last year, 
then Clffice of Management and Budget Dirertor Peter Orszag said that fixing the broken 
management of our federal government's information technology was the "single-most 
important step we can take in creating a more efficient and productive government." Based 
on the information ftat Office of Mani^ment and Budget has released as a part of its 
reviews, I believe he may be correct 

"The fiiilures of information technology mani^mnent te tiie federal gov^mment have, in 
some cases, been spectacular. For emunpie, the Govemmmit AccountabW^ Office found in 
January of this year that those mia^ffie National AnM^' ElMhonic Records 
investment had not been able to idontiiy potenlial Mst and schedule problems early and, as 
a result, failed to take any actions to aAiren ffienu The Government Accountability Office 
estimates that, because of these faihires in Aim troubled project, taxpayers will lose 
between S205 milHon and S4IK million. That's real money we're talking about 

"Today, we will look at toe Preskhsnt’s 25-point |Am to turn dds ship mowoi. The goab 
are aidinttras and im are ffie ttancRaes. Under ffie direction of our fitot F^leral ddtd 
Infonmtttmi Officer, Vivdc Kundra, the plaa is to be fUfy imptanenM wtthfai 18 months 
of bthoduetton. That> May 2812 if you're keqdng score at home. But tihe various gOab 
are bndcHs etown into six, tw^e, and eighteen month ineremento. TodbqF, 1 particoiarly 
intm-ested hi heaiteg hew we are pro^wssrag towards those sis - month geab. 

"The President's |dan centors around three main initiatives: First, die pian fbstersa 
cultural shift aim^ at maldng the management and hnplenimitation of brge federal IT 
projeeb more effective and efficient Second, tte pim pushes the federal government to 
adopt cheaper, better, and faster tcchnolo^es. Third, the plaa demands that We shed or 
consolidate ffie duplicative and wastffiii federal data centers hi Our inventory. 

"The plan is a positive first st^ in tackling the institutional and systemic probhus that 
have pbgncd federal information technology management for years. It's not perfect, but 
the President and Mr. Knndra shouU be commmided for toking on the chafimige. 1 look 
forward to hearing from our witnesses today about how we are propasting towards dicae 
goab, how i^neies are responding, and what those of ns here in Cimgress can do to h^ 
make h a Sucems. 

"Today I'm abo btuppy to introdttce,rdoieg wtdi nqr colleagues Senators Scott Brown, 
Liebcrman, and Colffich the InfMrmation TeehnoloQ' Inveshmmt Iffiinagem«ot Act of 
2011. Thb legation caDs for greaim' tnmsparenqr when it emnes to Ac emtand 
performance of onr mffion's information tcAnoh^ iavestmente so Aat the American 
taxpayer can see how thdr mohiO' b being spent. It abo dmnands Aat i^encies and the 
Office of Mana^im^ rmd Bui^t be held accountable for a project's failure and work 
either to fix them or <md tbem. 
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"The time for l«^, wasteful maHUgem^t of these i^ipcnsive investments is over. We are 
going to demand that projects he oirfiitiej on budget} and deliver on their promises. If they 
don't, we're going to bring thm to a hid^ nM wt^M going to end the pattern of throwing 
good money after bad. 1 hopettat our wMi^es trill Include in their testimony today some 
brief thoughts and comments abovt our legislatien." 
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STATEMSST OF SENATOR !^N)frr BROWN, RANKING MEMBER 

SUBCOMMITTEE ON FIBERAL FINANGIAU MANAGEMENT, GOVERNMENT 
INFORMATION, FMIERAL SERVICES, ANB INTEWATIONAt SECUWTY 

COMMITTEE ON HOMLAND SECURITY AND GOVIWNMENTAL AFFAIRS 

Hearing on 

*<Ez^infaig file PresUent't Plan for EUminating Wasteful Spiaadtag la Infomation Teehnolegy” 

April 12, 2011 

Seaa*or CaipCT, ftank you for holding this important hearing today. During times of 
emnmnic hardslup, the private sector innovates and finds new ways to operate snmrter, faster, 
and cheaper. Yet respoi»ibIe fiscal policy demands the government do the same in good times 
gtr bad. Accoidii^y, federal agencies and departramts have increasingly looked towanb 
infotmation technology (IT) to modernize and enhance their administrative ^ opo^onal 
ftinctions. As you can see in the bar graph behind me, in just the last ten years, govemm^ 
spending on IT has risen from just over $46 billion in 2001 to nearly $80 billion in fiscal year 
2011. As the government becomes more dependent on technology to conduct its daily business, 
five proportion of the federal budget going towards IT is anticipated to rise. This is why as 
agencies go on to make new investments, appropriate acquisition policy and guidance must be 
firmly in place. Effective oversight and accountability must be eivsured. Asour witnesses will 
point out today, however, the federal government continues to struggle with these issues month 
after month, year after year. 

Mr. Chairman, I know this is mi issue that fins subcommittee 1ms continually ftmused on, 
and wifii good reason. New invesQnents in software and IT infiastructure are sqvposed to 
streamline processes, create government efficiencies, and reduce costs. Yet, many of these 
programs, in fact, do file opposite. Whether it’s file Census Bureau’s band-held devices, or the 
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i^diives HectEOulc Recoal’s system, <»■ Hometod Seenrfty’s SBIfiet - we h^ng ^ut 

mismanaged IT pxigtams incurring j^ars of scfa^lule ddays and htmdreds of millions, if not 
billions of dollars, in cost ovemms. GAO and others point out time and time agA that 
misriiped prioriti^, poor reqmirnnmtts management, and inadequme oversi^t continue to 
pl^Ue itese inves&imnte. XJnforhmately, the impact of these delays and cost overruns remih 
farther than just an individual agency’s boOom-line. They have a si^ficant inq}^ On 
important long-tenn policy goals government-wide. 

For example, lake the Ilepartment of Defense’s financial improvement efforts. EkiD has 
never t«:dved a department-wide financial audit. They are pushing aggressively to be autfit 
ready by 2017. Yet reaching that deadline is dependent on upgrades to financial systems at all of 
the services. As GAO has testified before, most Of these systems are years behind schedule and 
will be billions of dollars over total cost when all is said and done. While many of them are 
“back on track”, any further schedule delays will make meeting the 2017 deadline viitaatly 
impossible. We cannot afford for waywmd FT projects to impact these important reform efforts 
iathefiiture. 

Thankfully, some significant steps have been taken to address some of the most pressing 
problems. 0MB has created oversight tools, such as the IT Dashboard, to provide Congress and 
die public better imigbt into IT project performance. In addition, agmKies are being held more 
tKXOuntable. 0MB has reviewed a significant number of major projects and, in several cases, 
canceled or significantly restructured the most problematic programs. To Mr. Kundra’s credit, 
OMB’s 25 point reform plan for federal IT is a positive step in the right direction. It serans to 
addre^ some long-standing program management issues while also taking advantage of key 
trends md innovations taking place in the private sector. 
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I am encoiu^ed by these efforts, but more work rnnaitss to be done. There is no 

doubt that government can leverage the expertise of the private sector in better ways. More 
attention can be focused on lemns-leamed and using best [sactiees both inside and outside 
government. For our part, I, along with Chairman Caipm and Senators Lieberman and Collins 
are woiki^ on legislation to codify smne of the recent 0MB initiatives, saieh as the IT 
Dashboard. Tim IrtfomtatimTechtmlogy Investment Management Act ■Vdll «istue foatfoese 
effective ovrasi^ mrasi^s last beyond the current Administratibn. Considering the amount of 
money being spent on IT, senior i^dership accountability and ovmership over these projects 
must be a continuing top priority. This legislation will go a long way to make certain it is, now, 
and into the future. 

I am mnazed by the potential for new technologies not only to streaming government 
operations, but also expand citizen participation like never before. No doubt, there are both 
many of^itiinities and challmiges iesociated with bringing the federal government into the 21^ 
Century. Our witnesses today play a big role in pushing us ahead. Their efforts do not go 
unnoticed. I tiiaak them for their service and look fmward to an engaging discussion. 

Thank you Mr. Chairman. 
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EXICOTIVE OFTTCE OF THE PRESIDENT 
OFFICE OF MANACa0»ENT AND BDDGET 
WASHINGTON, D.C. 26503 

April 12,2011 

STATEMENT OF VIVEK KUNDRA 
FEDERAL CHIEF INFORMATION OFFICER, 
ADSflNISTRATOR TOR ^GOVERNMENT AND HIFORMATION TECHNOLOGY 
OFFICE OF MANAGEMENT AND BUDGET 

BEFORE THE SENATE COMMITTEE ON HOMELAND SECURITY AND 
GOVERNMENTAL AFFAIRS 

SUBCOMKOTTEE ON FEDERAL FINANCIAL MANAGEMENT, GOVERNMENT 
INTOMHATION, FEDERAL SERVICES, AND INTERNATIONAL SECURITY 


“Exuminbfg the Prudent’s ftan for EUmnatittg Wast^ul SpemUng in InfomMioH 

Technology” 

Good morning, ChaimMin Carper, Ranking Member Brown, and members of Subcommittee. 
Tiank you for the opporfiinity to testify on ongoing efforts to reform Federal information 
technology management. 

My testimony will focus on the “25-Point Implementation Plan to Reform Federal Information 
Technology Managemenf ’ (attached), our blueprint to bring IT spending under control and 
deliver better services to the American people. 

The problems the reforms address are well-known: despite the vast promise of using information 
technology to improve how the Federal Government operates, v* continue to see projects spiral 
out of comtol - wasting tax payer dollars, failing to deliver results, and introducing security 
vulnerabilities. 

Effective muiagement of IT projects is essential to proteetii^ our citizen's information and our 
nation's security. No system can be secure unless it is well managed from its design throu^ its 
implementation and operation. 

Early on in this administration we took a new approach: bringing transparency to these failing 
{HOjects through die IT Dashboard, using the TechStat model to bring the proper focus on 
resolving problems before it was too late, and reducing the structural bmiers to bring innovative 
and effective technologies into government. 
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The reforms we introduced in December 201Q twiM on diis ^prosch - an appoach tfiat has 
alit^y reduced life cycle costs of major IT inv^tmente by $3 billion and decreased fte average 
time for delivery of meaningjfbi functionality fttas over two years to cij^t months. 

Specifically, the reforms ffiidress five key areas: 

1 . Applying Li]^ Technologies md Shared Solutions; 

2 . Stiet^eningnogramMam^nnit; 

3. Aligning iie Budg^ and Acquisition Process with tile Technology Cycle; 

4. Streamlining Govei^uce and Improving Accountability; and 

5. Increasing Bngagement witii Industry. 

Tbe plan is focused on execution with clear accountability and ownersh^. To nudse sure tills is 
not like a ftoorly pofoming Federal IT project we have broken down the reforms tote to 6 -, 12-, 
and IS-month intervals, Witit concrete deliverables that address the structural barriers that get to 
the way of consistent execution. 

1. Apply “Light Technologies” and Shared Solutions 

As a government, we too often rely on poprietary, custom IT solutions, instead of leveraging 
new technology and looking at common solutions to fit our needs. By leveraging shared 
inftastiucture and economies of scale, “light technology” or cloud computing services’, present a 
compelling business model for Federal leadership. Agencies are able to measure itod pay for cmly 
the rr resources teey consume, increase or decrease their usage to match requirements and 
budget constraints, and lev^ge the shared undtofytog capacity of IT resources. 

Agencies are already taking advantage of the benefits afforded by the cloud, by reducing their 
ownoship costs, improving poductivity, and provisioning and scaling faster than ever before. 
Hie Di^rtment of Agriculture is migrating 120,000 users across 5,000 locations to the cloud, 
reducing costs by $27 million over a five year period, while the General Services Administration 
(GSA) is shifting 17,000 email users to the cloud, reducing costs by $15 million over the next 
five yeare. The Census Bureau deployed a cloud-based customer self-service tool in just 25 
days, rather than the six months it would have taken conventionally. 

To harness tiie benefits of cloud computing, we have instituted a Xloud Firsf’ policy tiuouih 
the “Feteal Cloud Computing Strategy.”^ Ibis policy is intended to accelerate the pace at which 
tiie goveriunent will leidtze the value of cloud computing by requiring agencies to evaluate safe, 
secure cloud oomputb^ prtions before making any new investments. 


* The National Institute of Standards and Technology defines cloud computing as 'a model for enabling cwvenlent, 
on-demand netyyork access to a shared pool of configurable computing resources {e^., neoworits, servers, stor^, 
applications, and services! that can be rapidly provisioned and released with minimal management effort or 
service prtMder Interaction." 

® http://www.clo,fov/documents/Federal'Cloud-Computlng-Strategy.pdt 
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The other key referm in Ais area of light technolo^es and shared solutions is an increased focus 
on conhoUii^ infinsttuehire costs. The Federal ©oveiwnent currently spends $24 billion or 31 
percent of its annua] IT bud^ on often redundant and inefftcient infrastructure. This is tte 
opposite of what tile private sector is doing. Large companies are r^ically tracing their 
mmiber of date cenlm to significantly reduce facilhfe, energy, IT infiastiucture, md operations 
costs. 

Since 1 998 the Federal Oovanmestt h^ increased the number of its data (%n^s, fiom 432 to 
2,094, a 385 percent iitcrea!*. This growth is unsustainable. That is why we are actively shutting 
down 800 data centers by 2015. 

2« Strengthenfaig Pn^ram Management 

Chailenges witti program management are pervasive across the Federal Governraart due to a 
general shortage of qualified personnel. Effectively managing IT {aograms requires a corps of 
progrmi and project management professionals wMi extensive experi«ice and robust training. 
Strwjg program management professionals are i»isential to effectively ^waid IT programs from 
beginning to end, alipi disparate stakeholders, manage tire tension between on-time delivery and 
adrfitionai functionality, and escalate issues for rapid resolution before tiiof become rowlblocics. 

Inia^ry govenunast agencies, the Program Manager position is often filled on m ad-hoc bffifis 
witfi individuals temporarily pulled fiom other functional areas. As a result, agencies suffer from 
hi^ turnover and a tack of expertise in this critical position. 

We have worked witfi the Office of Personnel Management (0PM) to take steps to significantly 
enhance the supply of IT program management talent in the Federal Oovemment. 0PM has 
created a career path to atoact and reward top performers. They will also draft a competency 
model for IT program management consistent with the IT project manager model to ensure that 
the Federal Oovemment cultivates the highest performii^ managers in IT. The individuals 
managing tiie most complicated, high profile, and expensive IT programs in the world must be of 
the hi^iest quality and given the ability to lead. 

The fonnation of this new occupational sraies will grow the community of experienced and 
expert propwn managers that will help to generate best practices, innovations to IT 
management, and greater efficiencies and effectiveness in the larger Federal IT portfolio. 

3, Align the Budget and Acquisition Process with tiie Technology Cycle 

The r^id paee of technological change does not match well with the Federal Oovertiment’s 
budget formulation and execution processes, The budget process fbrees agencies to specify in 
detail what tiiey are going to build 24-months before they can even start a project, and the 
acquisition process routinely tacks on another 12 to 1 8 months. This multiyear process locks 
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^encies into specific technology solutions that are almost by definition out of by the time 

the preject starts. 

For years, inctudmg in the Clinger-Cohen Act of 19M, the Oovemmeht has tried to move to 
modaltr development, allowing lessons learned from an early cycle in an IT fHo^am to inform 
the detailed plans for the next cycle. 

But for modular contracting to be truly effective, in many cases it will need to te complemented 
with budget flexibility to manage IT programs responsibly. Several agendes have wotted with 
Congress to achieve greater FT budget flexibility dirough multi-year and/or agency-wide 
portfolio appropriations. 

To deploy IT successfully, ^encies need the ability to make final decisions on technology 
solutions at the point of wtecutioa, so drat the budget process is aliped witti die technology 
cycle. Agencies need the flexibility within their pottfoiio to respond to diiuiges on the ground. 

At dm same time, Congress has a legitimate and important need for ovetsi^ particuiarly given 
die history of project failures. 

In the past 4 months, we have worked with Agencies to examine their needs and legal 
ftameworks to determine where we may need to work with Congress to provide additional 
flexibility, while making sure we deliver additional transparency on how these fonds are spent. 
We look forward to working with Congress to consolidate commodity IT funding under the 
agency CIOs and develop flexible budget models that alip with modular development. 

4, Streamline Governance and Improving Accountability 

In June 20(^, the Adninistration launched the IT Dashboard, making information on the 
performance of IT projects, such as project budgets and schedules, publicly available and 
constantly updated. For years, GAO and members of this Committee pushed for more 
information on troubled projects, as OMB tracked fliem and worked with the Agencies to bring 
them under control. The Dashboard provides this transparency and accountability, giving anyone 
the ability to identify and monitor the performance of IT projects, just as easily as drey can 
monitor die stock market or baseball scores. It shows budget, schedule, and performwice metrics. 
If a project is behind schedule or over budget, you will see it on the Dashboard. 

To build off of the information provided in the Dashboard, in January 2010, we held the first 
TechStat Accountability Session (TechStat). A TechStat session is a fiice-to-face review of an 
IT program, und«diken with OMB and agency leadership and powered by the IT Dashboard. 
Meetings conclude with concrete action items, with owners and deadlines diat are formalized in 
a memo and tracked to completion. This improved line-of-sight between project teams and senior 
executives increase the precision of ongoing measurement of IT program health. 
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In June 2010, we halted all financial system modernization projects requiring agencies te ensure 
that project plans were focused only on critical ftectioRat% and systems were broken down into 
small frequent delivembles. Then in August 201% 0MB ttegeted 26 of the highest priority TT 
investments with TechStstoi to ensiHe they deliver value to die Americtei people. 

In total, these high priority TechStatsarnl financial systems reviews have led to over $3 billion in 
life-cycle cost reducriofls, and have reduc»l timeto delivery fiom over two years to eight 
months. As a result of diese reviews, Ae Administration was able to gain a sharper picture of the 
persistent problems facing Federal IT. This engagement process led dir^y to our reSrrms in die 
«eas of operatiomd efflenmcy and large-scale FT progtmn manag^ent. 

The stratej^ for strengthening IT governance centers on driving agency adoption of foe TechSt^ 
model. We tee scaling fois capability across the Federal Government, increasing foe number of 
proems that cati be reviewed and hastening the speed at which interventions occin. In foe past 
4 months, we have trained 129 agency represerttatives to implement foe TechStat model at their 
respective agencies; 23 agencies have conducted their initial TechStat session; we open sourced 
foe IT Dashboard code to allow adoption in states and territories; and shared our training 
material widely - inciufong publicly on www.cio.gov/TechStat - leading to over 1 ,000 
downloads of oar detailed training guide, foe over 1 00-page “TechStat toolkit”. 

Taken togefoer foe reforms allow Agency Chief Information Offictes (CIOs) to increase their 
focus on portfolio management and away from polieymaking and maintaining IT inflastruchire. 
This work is being supported by foe Federal CIO Council, foe body for CIOs fiom across foe 
government to come toother to share best practices md develop policy, and foe engine for much 
of what we do in IT across government. Moving forward, the Council will act more like foe 
Bbard of a major company; setting high-level goals across foe government, and conducting 
rigorous oversight to meet these goals. 

This Council has become essential for executing all these reforms, driving collaboration among 
agencies, reducing stovepipes and finding common solutions to immediate problems. The CIO 
Council, with fois new managtenent fitemework, will ensure that Agteicy CIOs have foe support 
they need to make foese changes a reality. 

S, Increase Engagement with Industry 

Our review determined that Federal IT contracts are often difficult to manage because they were 
not well-defitred or ■vrell-written. Many times this is the result of ineffisctive engagement with the 
industry, created by misirtterpretations of acquisition regulations. With foese artificial barriers in 
place, agencies cannot determine how to effectively get the services foey require, which results 
in waste, delivery delays, and erosion of foe value of IT investmtette as a result. 

To address these barriers head-on, Dan Gordon, the Administrator of foe Office of Federal 
Procurement Policy (OFPP) is leading an aggressive “myth-busters” campaign to identify and 
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a^ess core misconceptions idKJUt comiininictfitni b«weett *e government and induary during 
the pre>award acquisition process. 

Tlte top ten misconceptions Were demystified throng a memo circulated to all agencies smd 
througjiout indusny.* These myths ranged from ‘*[w]e cMi't meet one-on-one with a potential 
offeror,” to “[gjeali^ taoad pttticipation by many different veiwJOra is too difficult; we’re better 
off dealing with fito estMshed companies we know.” In ai^iirion to overall bater management 
of rr, we believe that increased engagement with industry will also help overcome the ties that 
may occur between ^encies and certain vendors, stifling innovation and the ability for agencies 
to use the best wjd most innovative technologies. 

in addition, CSSA will be developing a pre-RFP platform tihat will support increased collaboration 
between indtstty and ^vemment during market lestsarch and coneeis initiation to leverage 
tedusaty advwkces and knowledge, improve deveioimient of requkHnentS, and otherwise support 
opm and fair eitpgement Iretween government and industry. 

CmdaisioB 

Throughout these reforms, we have taken the approach of scaling practices that we know work 
and focusii^ on execution instead of just policy development. Already fills q>|noach has 
accelerated the delivery of IT fimctionality, re-scoped and terminated poorly performing 
projetBs, and med money. 

That is Why we must continue to build upon file progress to date and scale the practices that we 
know work to make Federal IT perform at the level the American people expect and deserve. 

The Federal Government must be able to provision Services like nimble start-iqi companies and 
leverage smarter technologies that require lower ctpitol outlays. 

I Wbuld like to thank flie members of the Commikee and flieir staff for putting IT managemait 
fiont and center and helping tmnsform file lambcape of Federal IT. 


’http://www.whit8house.gov/Btts/eeteul^Wes/omb/procuremertt/memo/Myth-Bust!ng.p(ff 
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Good morning Chairman Cai^r, Ranking Member Brown and Members of the Subcommittee. 
Thank you for the opportunity to appear before you today to discuss the General Service 
Administration's (GSA) role In ongoing efforts to reform the Federal government's IT 
management reform agenda. GSA pia^ a pivotal rote in supporting this agenda by pursuing 
cost effective and innovative tedmolo^ solutions often shared across federal agencies. 

in the last six monfffs, the Administration's efforts to apply r^r to Information Technology 
Reform has resulted in several key guidance documents, policies, and effort that inform the 
federal government's prr^ess in iroptementing effective IT management reforms - in particular 
with cloud computir^ Key documents Include the 0MB 25 Point Imptementation Plan to 
Pefotm fedemi It^ormatian Techne^ogy Management and the Federal Cloud Computing 
Strategy issued by the federal CIO's office. They frame the federal government's efforts to 
reform the way IT Is acquired and managed white meeting the Administration's goals to make 
government more responsive, operationally effective, cost efficient, transparent, participatory, 
collaimrative, and innos^tive for the citizens it serves. 

At GSA, we think the adoption of safe and secure cloud computing by the federal g^ernment 
present an ^iportunity to close the IT performance gap between the public and private 
sectors. We help a^ncies improve access to modem technology needs faster and with lower 
costs. The case for cloud computing is compelling It allows agencies to pay only for the 
resources foey use in response to high and low demand, avoid the expenses of building and 
maintaining an IT infrastructure, and control the appropriate level of security for data and 
applications. Also, cloud computing is a key technology for achieving cost effective data center 
consolidation. In foct, agencies have already started to realize saving as they begin to adopt 
cloud computing across their programs. There are lots of examples where agencies have 
implemented cloud solutions and found significant savings. Those are highlighted on our web 
page lnfo.Apps.gov. 


GSA's&mtrlbudons to Govemment-wkle Efforts 

GSA plays a strong leadership rote in supporting the adoption of cloud computing In the Federal 
government. We concentrate our efforts on facilitating easy access to doud-based solutions 
from commercial providers that meet federal requirements, enhancing agencies' capacity to 
analyze viable cloud computing options that meet their business and technology modernization 
needs, and addressing obstacles to safe and secure doud computing. In particular, GSA has the 
lead in facllitaffttg new innovative cloud computing procurement options, ensuring effective 
cloud security and standards are in place, and identifying potential molti*agency or 
government'vdde uses ^ doud computing solutions. GSA's continued ability to support these 
important inltWffves Is dependent upon the availability of funding from the Electronic 
Government Fund or other sources. 

GSA is the Information "hub" for cloud use examples and case studies, dedsional and 
implementation best practices, and for sharing exposed risks and lessons learned. We launched 
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and maintained a web site (www.mfo.xiMSM¥i t& an ewlving knowledge repository for ail 
government agencies to use and to contribute their expertise. 

Further, the Federal Cloud Project Management Office (PMO), housed in my office, provides 
support to the Federal CIO Council's Cloud Computing Executive Steering Committee and 
Working Groups. As we move more toward more high risk and impact system requirements, 
we'll engage even further with our Intelligence community partners. 

Figure 1 details the primary activities within the Federal Cloud PMO. 



Promoting mSoption and removing ot>smetl 0 s In tm gmfsmment-wicia acquisition and 
utilBation at cost effective, grmn and mi^eineble FeiMmt cloud computing solutions. 
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Figure 1 

Our Cloud PMO is very active and productive. To illustrate, the PMO is working on the design 
and implementation of security controls, processes and procedures tailored to cloud computing 
- commonly referred to as the Federal Risk and Authorization Management Program 
(FedRAMP). In addition, in conjunction with our Federal Acquisition Service, we have 
developed procurement vehicles for agencies to acquire cloud services and products - 
infrastructure as a service and cloud-based e-mail are our current projects. We have al.5o 
established a 'cioud storefront" {op os.aov ) as a site for agencies to directly purchase cloud 
services. The PMO also functions as an information clearing house by promoting current and 
planned cloud projects across the government and sharing best practices & lessons learned for 
cloud adoption and implementation. 
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AddWonsHy, the PMO supports OMB's Federaf Data Center Consolidation Initiative, One of our 
0 \wn best practices is the use of working groups ito address spedflc targets requiring 
specialized in-depdi expertise such as security, standards and cloud based e-mail services. 
These vrorking groups allow us to levera^ experience across the government that produces 
results with a smalt technical staff. 

Let me provide sorrre additional detail on some of these initiatives: 

FMetat Risk and hffiatwwement Program IFed^MM 

The Federal Risk and Authorization Management Program is being established to provide a 
standard approach to Assessing and Authorizing (A&A) cloud computing services and products. 
Currently, this is an expensive, time-consuming process exercised inconsistently across the 
government. Currently, an average AgiA costs up to $180,000 and requires up to six months to 
complete. FedfbWP will allow joint authorizations and continuous security monitOilng services 
for Sovemment and Commercial doud computing systems. Joint authorization of cloud 
providers results in a ajmmon security risk model that can be leveraged across the Federal 
Government A common security risk model is also a consistent baseline for doud based 
technolo^es ensuring that the benefits of doud-based technologies are effectively integrated 
across the Various doud computing solutions. The risk model enables the government to 
"approve once, and use often". As depicted in Figure 2, each government agency must 
currently ronduct Its own authorization process that is duplicative, expensive and inconsistent. 
With the implementation of FedRAMP, an agency can accept security authorizations performed 
by other agendas with confidence In its standardization and consistency. 
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Figure 2 

As FedRAMP allows agencies to reuse authorizations, participating agencies need oniy review 
security details and leverage the existing authorization in order to secure agency usage of the 
candidate system. This should greatly reduce cost, enable rapid acquisition, and reduce overall 
level of effort by both government and Industry technology providers. FedRAMP's processes, 
policy implications, governance, and technical security standards have all been arrived at via a 
consensus-based approach within government. The National Institute of Standards and 
Technology (NIST), the Department of Homeland Security (DHS), the Department of Defense 
(OoD), the National Security Agency (NSA), numerous industry consortia, and many other 
federal and state and local government entities have all collaborated with GSA to arrive at the 
current state,' 

We expect that an initial version of FedRAMP will be stood up and ready to process the first 
certifications in the near future. We anticipate that this will be an iterative process subject to 
constant improvement as we evaluate how the risk model, processes, procedures, and controls 
are executed. 
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InfiastnieturcasaSewaeeHaaSl 


Each year, the gowrnment spends tens of bitiions of dollars on IT products and services, with a 
heavy focus on maintaining current infrastrucWre needs and demands. QSA has established a 
Blanket Purchase Agreement (BPA) vrlth 12 companies {many with multiple partners) who offer 
storage, computing power, and website homing as commodities that streamlines the 
procurement and vetting process to allow agencies to implement solutions more puibidy' 

This BPA addresses Reform Initiative #4 In OMB's 25 Point implemfirteitim Ptan to Heform 
Federal Information Technology Management that d\rect$ SSA to stand-up contract vehicles for 
secure laaS solutions. 

The laaS BPA offers its federal customers a wealth of benefits, including; 

• Commodity pridi^- Web hosting. Virtual Machines, and StOr^ are priced as explicitly 
defined, standard services allowing customers to easily compare prices across vendors. 
Additional discounts may also be obtained at the task order level 

• i^andarifized rertulrements - Companies are required to meet standard technical and 
security requirements for use across the Federal government 

• Comprehensive services from a single ta^ order- All services can be purchased using a 
single, performance-based task order 

• Acqufritlon oversight - GSA has established reporting requirements and effective 
administrative oversight to ensure compliance and efficiency 

Qoud Email 

fi& QSA continues Its work to make cloud services more readily available to government 
customers, the agency chose to tackle one of the most Ubiquitous business technologies in use 
by all federal agencies: email. Established in June 2010, the Bmail as a Ser\dce (EaaS) Working 
Group, comprised of email and collaboration experts from across government, took a 
collaborative approach to procurement by drafting requirements with input from Its members. 
These ff professionals brought their own agencies' requirements to the table, leading to a 
cooperative procurement that will best address the needs of the federal enterprise as a whole. 

Once this procurement Is released and concluded, services will be offered to federal customers 
via a Blanket Purchase Agreement (BPA), which wtil drastically reduce foe amount of time and 
resources needed to procure foe cloud email solution that best fits their agency's needs. Based 
on Forrester Research average cost savings for an agency that leverages the BPA will be 
$ll/mailbox/month, $1 million in annual savings for every 7,500 users, or approximately 44% 
over existing on-premise email solutions. Furthermore, the BPA will a^ommodate a range of 
email services in public, private, and highly secured clouds, making robust, feature-rich, secure 
email and collaboration service options similar to those currently being implemented at GSA 
and USBA available to aivy interested federal or state and local agency. The EaaS BPA addresses 
IT Reform Initiative #5 in foe President's 25 Point Implementation Plan to P^rm Federal 
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Information Tectmoiogy Management that pushes contract vehictes tor cloud commodity 
services. 


[Bt«a«h»rttittBrwfar aeeiscy-lHdwiWvcollaitoatton 

Shortentogthe adjuisition timeline and awarding successful IT osntracts retiulres a 
multifaceted set of solutions. To "bust* prevailing myths, we will increase communication with 
Industry and help establish a foundation of high tonctioning, "cross-trained" program teams, 
improving the way we define requirements requires that we make inexpensive, effldent 
collaboration solutions ayattable to alt agencies, especially in the period prior to issuing a 
Request for Prt^sal (RFP). To this end, GSA is working to establish an interactive platform for 
pre-RFP agency-InduStry collaboration. 


GSA is responsible for this action in QMS's 25 Point Implementation Plan to Reform Federal 
Inforindtion Teehnoli^y Management To date, GSA has gathered Input from stakeholders in 
^vernmeHt and industry as a basis for requirements for the collaboration. Based on those 
requirement, a host of alternatives for design and delivery of an onifoe collahoratien tool were 
examined and rated. Candidates for the tool included existing government sterns and 
commercial collaboration tools. 

Federal Data Center Consolldatton Initiative 

In addition to improving IT service levels, cloud (fomputing will be a major factor in reducing the 
environmental footprint of technology and will help achieve important sustainability goah. 
Elective use of Cloud computing is an integral part of the government's strategy to reduce the 
need for multipte data centers and the energy they coraume. Currently, GSA is supporting 
agencies to execute their data center consolidation plans, with activities planned through FVIS. 
Adoption Of cloud computing can help agencies buy improved services at a lower cost within 
acceptable risk levels. Furthermore, agencies can do so without having to maintain expensive, 
independent, and often needlessly redundant brick-and-mortar data centers. 

The Federal Data Center Consolidation Initiative was launched In February 2010 to (aj reduce 
the cost of data center hardware, software and operations; (b) Increase the overall IT security 
posture of the government; (c) shift IT investments to more efficient computing plmforms and 
technologies; and (d) promote the use of Green IT by reducing foe overall energy and real 
estate footprint of government data centers. GSA assists agencies in iderttifying their existing 
data center assets and formulating consolidation plans that include technical roadmaps and 
consolidation targets. We are also supporting the Data Center Consolidation Task Force that 
functions as a consensus-based group to tackle the many challenges the government will face 
as it reduces the number of data centers. 

The FDDCI addresses Reform Agenda Initiatives #1 and #2 in OMS's 25 Point Implementation 
Plan to R^rm Federal Information Technology Management that requires agencies to 

7 


VerDate Nov 24 2008 1 1 :00 Feb 17, 2012 Jkt 067128 PO 00000 Frm 00063 Fmt 6601 Sfmt 6601 P:\DOCS\67128.TXT JOYCE 


H605-41331-79W7 with DISTILLER 


60 


comi>lete detailed implementatien plans to consolidate at least SW data centers by 2015 and 
create a ^vemment>wide rnariistplace for data center availability. 

0SA doud Mtlattves Focused on im^ovHiginterflai EWendes 

In addition to supporting cloud computing lnttiati\« across the government, GSA has also 
moved aggressively to adopt practical and secure doud'based solutions. GSA Is at the forefront 
of adoptir^ cloud computing from web hosting to e-mail, 

• doud E-mail imidemenbMion - GSA Is the first foderat agency to award and begin 
Implementing a cloud-based email solution agency-wide. GSA will save 50 percent, over 
the next five years when compared to current staff. Infrastructure, and contract support 
costs. Implementation will be complete in 2012. 

• [fota Center Gons^Mation - GSA expects to reduce its government owned data centers 
from 15 to 3 by Fy2015. This Is one of the most aggressive reductions in the federal 
government. We are inventorying our data center assets to find opportunities to 
decommtsslon and move to virtualized servers, consolidate or retire business 
applications, and migrate to cloud computing solutions. As noted before, we mcpect a 
significant savings once we complete the consolidation efforts. 

• t^..gov -GSA moved this site - the federal government's primary public-facing 
informattet portal to a cloud-based hosting arrangement with a commercial vendor. 
This enable the site to deliver a consistent level of access to information as new 
databases are added, as peak usage periods are encountered, and as the site evolves to 
encompass more services. By moving to a cloud, GSA was able to reduce site upgrade 
time from nine months to one day; monthly downtime improved from two hours to 
99.9% availability; and GSA realized signifliant savings In hosting services. 

• Data.gov - Data.gov, one of the first public facing Government websites to successfully 
deploy cloud computing, is the central portal for the public to find, download, and 
analyze data generated by the Federal government. Today, there are more than 
380,000 data sets covering topics ranging from geospatial to commerce to education. 
Oata.gov also hosts communities, such as health.dat3.gov, tiiat serve as platforms for 
participants from across academia, business, government and the general public to 
share ideas and take action around specific topic areas. Public participation and 
collaboration have been essential to the success of Data.gov, as citizens can contribute 
to the site through forums, feedback tools, and the development of Innovative 
applications. Citizens are also empowered to create mash-ups of information that pull 
together data sources to solve problems and build awareness of the Government's role 
in dally activities, sudt as food safety and weather prediction. Data.gov promotes the 
efficiency and effectiveness of our government by enabling the public to become active 
participants in strengthening our Nation's democracy. 

• Challenge.gov - This government-wide challenge platform Is hosted in a cloud 
computing infrastructure service to facilitate government innovation through challenges 
and prizes. This tool provides forums for seekers (the federal agency challenger looking 
for solutions) and solvers (those with potential solutions) to suggest, collaborate on, and 
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deliver solutions, it allows the public to easily find and interact with federal government 
challenges. The platform responds to reputrements defined In a March 8, 2010 0MB 
Memo, "Guidance on the Use of Chaltoges and Wtes to Promote Open Government" 
which included a refiutrememto prmdiie a w^based challenge platform within 120 
days. 6SA Is al^ e*ptoring acdUisWon opttms to mahe it easier for agencies to procure 
products and services related to challenges. 

• Citizen Engagement natfonn (tXP) - CEP te a cloud4)ased platform that mahes It easier 
for agencies to use social media tools that are compatible with federal taws and policies, 
including tools that are accessible to persons with dtaabilittes. The platform is built Off of 
our experience in providing a cloud-based ideation tool to h^p all departmmtts and 
agencies coHect public feedback and advice on their open government plans and 
actions. GSA's Center ter New Media and CIttzen En^gement is building a folly- 
functioning software as a service storefront In a secure government space. The software 
allows government agencies to easily deploy tools such as blO|p, wlfcis, and forums, and 
a URt shortenerto help engage with the public In a simple, cost-effective way. All tools 
for the Citizen Engagement Platform are based on open source code, making them 
widely shareable across government. 

Conclusion 

Mr. Chairman, the General Services Administration is leading the Adminlstratton's charge to 
make government more open, transparent, and effective for the citizens it serves, in our 
increasingly data-centric and network-based world and workplace, effective and efficient 
procurement and implementation of information technology will be paramount in making sure 
that the federal goverrunent closes the IT performance gap between It and the private seaor. 
Cloud computing, data center consolidation, and open government are key Initiatives that can 
and should be pursued with all possible Impetus on the part of the federal enterprise to ensure 
that wasteful, duplicative IT spending is brought to a halt and ultimately eliminated. 

Information technology Is not a core competency for any federal agency, but rafiier. Is a 
support mechanism to enable day-to-day operations. 

Thank you for the opportunity to appear today. I look forward to answering questions from you 
and members of the Subcommittee. 
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Abbreviations 

CIO diief information officer 

rr infonnation technology 

0MB OfficeofMatu^m^t and Budget 
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INFORMATION TECHNOLOGY 

Continued improvenwnts In Investment Oversight 
and Management Can Yield Billions In Savings 


What GAO Found 

0MB has inq;»roved the oversight and management of IT Investm^its throng 
multiple initiatives. ^ establishii^ It Ihishbt^d, 0MB has thawn 

actional attention to over BOO troubled IT mvestxnents at federal agendes, 
totaling $20 bUSon, which Is an in^rov^nent from die {n^vioui^ used 
oversight mechaniBms. the Federal Chkf Informaticm O^er (CK>) 
recognized that the Dashboard has tncres^ed the accountability of agency 
CIOs and established much-needed vidbUity into investment performance. 
However, GAO has found that the on the Dashboard are not alws^ 
accurate. Speciflcal^, in reviews of selected investments from 10 t^endes, 
GAO found that the IHshboard ratings were not always consistent with 
agency cost and schedule performance data. In these rep<»ts GAO msuie a 
number of reccunmendations to OMB and federal ag^(^ to improve the 
accuracy of Dashboard ratings. Agendes agreed with these recommendations, 
while OMB agreed with all but one. SpedBcally, OMB disagreed with the 
recommendation to change how it reflects current inTCStoient perfonnance in 
its ratings because Dashboard data are updated on a monthly l^ls. However, 
GAO maintained that current investment performance may not always be as 
ag>p8renl as it diould be; while data are updated monthly, rathi^ include 
hi^rical data, which can mask more recent perfonnance. 

In addition to the Dashboard, beginning in January 2010 the Federal CIO 
began leading reviews — known as 'TechStat" 5esdons~-of selected IT 
investments involving OMB and agency leadership to increase accountability 
and transparency and improve perfonnance. OMB oflicials stated tha^ as of 
December 2010, 68 sessions had been held and resulted in improvements to or 
termination of IT investments with performance problems. For example, the 
June 2010 TechStat session for a Nati<mal Archives and Records 
Adntinlstration investment resulted in the halting of development fundmg 
pending the completion of a strategic plan. In addUion, OMB identified 26 
additional hi^tpriority IT projects and plans to develop corrective action 
plans with agendes at future TechStat sesdons. According to the Fe<kral CIO, 
OMB’s efforts to improve management and oversight of IT investments have 
already resulted in ^ billion in savings. 

Additionally, In December 2010, OMB issued an 18-month plan for reforming 
federal IT management that has five mgjor goals, including strengthenhig 
program management, streamlining governance and in^rodng accountabihty, 
and using shared solutions, among otii^. These goals and the phms in place 
to support them are consistent with GAO’S work hi^iiighting IT management 
and governance weaknesses, as well as work to identify di^licative activities 
In the government As part of this plan, OMB has initisUives under way to 
strengthen agencies' investment r^ew boards and to consolidate federal data 
centers. 

GAO has ongoing woric to review the Dashbosu'd and other OMB irutiatives. 
Continued OMB oversight and the implementation of Its 18-month pism along 
with outstanding GAO reccunmendaticms, could result in iiuther significant 
savings and increased efficiency. 

UnlWd StaVM GovemmetU AccMinlibtSty Office 
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April 12, 2011 

CSiatenan Carper, Rankii^ Memte Brown, and Mem%«s of the 
Sabccanmittee: 

I am pleased to be here today to discuss the federal government's 
key activities and efforts to im^ve ffie nuwa^emmtt of Wortnation 
tedmology (IT) investments, tomihig an esffmated $79 biUioii for 
Sacal year 2011. Given the size of ttiese investments and the 
critics^ty of maity of these aystmns to the health, economy, and 
security of the ludkm, it is important that the Office of Kthm^ement 
and Budget (0MB) and fedmtal agencies provide r^pn^riate 
oversight of and adequate traiuparency into these progrmns. 

During the past several years, we have Issued mult^ile reports and 
testimordes on OMB’s initiatives to highlight troubled projects, 
justify IT investments, and encourage the use of project 
management tools.' We made numerous recommendrtions to 0MB 
and to federtd agencies to inmrove these initiatives to Anther 
enhance the transparency, oversight, and management of IT 
projects. 


As part of its response to our prior work, 0MB deployed a public 
Web site in Jime 2009, known as the IT Dashboard, which provides 


'S«« for example, OAO, Jnfymiation Tet^mology; QltWHiuMad 6 fy^»ovemeMStoJt 8 
Dashdtmti but i’iirtfierW'orlrb /deeded by AgendeamdOSiB to Ehsutv Data Aecvraey', 
GAO-ll-re: cwaalilnglen, DC.; Her. t«, ZSll): bdtutaadm ncbmMgy: amkHaOboaid 
ItaaUKraasadltanparaKyandOvaiaii^ butbrgaovaamttaNeadab^ GAO-lOtOl 
(Wa8tdngton,O.C.;ruL ibi^itfiibdbinatkmTatiatQb^fbdmiJ^d^ib^adto 
^nngtlmbwealmmBoaidOvafdthtttfAmlyl'tamedandPaiamltigfr^ixa, QAO- 
()9.SS6 (WaaSnsfon, D.C.;.rune 30, 3090); JbdonndiOB Sbdmoi&gy: Mmagebmdand 
Ovara^ofibttbKbi7btaSbgBSUMaofVegaibNaedAaentioti,GA0^^4T 
(WaaUnglon, D.C: Apr. 38, 3000); Mxmdion n>dmalagy:A 0 mdesmde»mSbauld 
StimngtbanJbTK!asaeafyrJdanti(fiiVandOivdeaingJB0^cPtdeeta, OAOesSl? 
(Washington, D.C.: JWw 15, 2006). 
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detailed information on fed^aJ agenc^’ miyor fT 
inclu^ttg assessments of actual performance against cc^ mtd 
schedule targets (referred to as rath^) foe 800 rmOm- 

fed^cal rr investments. The Dashboard ts httended to inmnxve the 
transparency and oversight of these investments. 

You amced us to testily on OMB's key efforts to Ihe 

ovezsi^t and management of federal IT projeds. ^>eciSc^]y, my 
tesdmemy covers OMB’s efforts to hm>rove FT rrmn^ement— in 
^uticular, thiou^ the use of dte Dashboard m4 its r^m^tly 
announced FT reform plan.’ In preparing tois testhnemy, we retted on 
prior GAO reports and testhn^es that assessed the go\'^mment’s 
managem^t of FT mvestments, Including OMB’s Da^dtoazd, 
^encies’ oversight boards, and agencies’ use of project 
managemmit tools.* All of our work for these reports md 
tesdmonies was performed in accordance with generally accepted 
government auditing standards. Ihose standards require dim; we 
t^an and perform the audit to ebtam sufiknent, ^^rc^rime eiddence 
to provMe a r^iScmable bams fm our dndmgs and conditions 
on our audit oblecdves. We believe that the evidence obtmned 
provides a reasonm>le basis for our findings and condtssions based 
on our audit objectives. 


rr &ivestin«nt means a ^Mem or ait aoqufeitton reqmring qpediU manasement 
attenOon beoniae tt: has aignUkant importance to Ste mlsalon or ftmetloii the ^eney, a 
ernnpanett Ute asEn<^, or another 0 l 9 ua^aUM^ i» for flnmcial managnnent and 
obiigBtea more that 1600,000 amtoaSy; has lignillcant pr^ram or in^tUcationa; has 

high execottve varibCttjr, has high de v^pro en t , operatt ig , or maintenaitee coats; is Antded 
through oUw than dkect anffoprMiaa^ or is defined as nu^r ^ the ai^em^s <»pital 
l^smiing attd tnvestment control process. 

’OMB. SSP^tJiivUenmttaticn Fian to Refxm fhfettUlnfynna^m Tbehnok^ 
Mmveinenl<Wa8hington, D.C., 2010). 

*GAC>-ll-262;6AO>lS7Dl; GAO, Mtamatiw Ttdmok^Agem^lilbetitoSTyotovettie 
Imp/em&ttMtion anti [Jbe afSamed Vaiae 7Mndt;pieatoU^Matta^M^l^^em 
AaptisKions, GAO-UV2 (Washington, O.C.; Oct B, 2009); H^mnatim 

reeftnoft^ Agemaiea A^eetf IP 

Flntfectf'CaaH SefietAik^ rndF^fyananco GA04)SS26CW^h^^, D.Cu Ms 31, 
2008): Jhtbmat/on TMuKthgsrAgendeoNaedto^npnw^^Atxwwii^F^^^^^ 
^tveotmantJMnmat/an, QAOOS250 (WasUi^ton, D.C: Jsii. 12, 2006^ 
raehaoAtgyMaauemeat: GovommeatwidoStn^gicFknning^ F^^ananceSfeasmmmt^ 
amfihraWmwii&nascsmnr GAO<&M8(WiffildnE^, D.C.: Jan. 

12,2904). 
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Background 


Bach year, 0MB and federal agencies work together to detemdne 
how Much die government plans to qpemi on If prc^stss and how 
flinds are to be allocated. The RrraSdent's Budget for ftecal 
year aill totaled an estimated $79.4 tthon for IT investments. 
Figure 1 di^lays the breakdown of agencies’ phmimd IT 
ettoanditures for fiscal year 2011. 


Flgimi:8i«alcilownol$7«4BlfflBnisniiimfdlTlinHlni«UaWrnseatVMr2et1 



0MB plays a key role in overseeing the implemenfedlon and 
management of federal IT invrabnents. To inesrove oversight, 
Congress enacted the Clinger-Cohen Act of 1996, wWch requirra 
OMB to establish processes to anMyze, track, and evaluato the risks 
and results of m^r coital investment in hikumation ^pstoms 
made by federal agencies and reptwt to Confess cm the net progrmn 
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perfonnance benefits adUeved is a resdt erf fivese Investoieuts.' 
Furttier, the act places lesponsIbiU^ for inana#^; tnvettaients with 
the hea^ of agencies and estdblistm cMef iirforEtt^ion officers 
(CIO) to advise and assist agency heai& In carrying ont this 
responsibility. 

To help carry out its ovetsigM: tote, In 20(fi CHffl ^tabfidied the 
Management Watch Ust, which induded mtesion^cttical pojects 
that needed to improve p^ocmanee measures, prefect 
management, IT seeuii^, or overall justlficmion, Further, in August 
2006, 0MB established a Hi^-Risk list, which condsted of projects 
identified by federal agencies, with the assistance of 0MB, as 
requiring st^al attention fiom oversight mithortfies and the 
hipest levels of agency management. Our reviews erf these efforts 
have highlighted many issues regarding the aceurmy^ and usefulness 
of these lists.* To address these issues, we made mutt^e 
recormnendations to 0MB, including disclosing tisks and 
deficiencies erf trembled projects and reporting to Congr^ on 
remeefiation plans for these projects. 

More recently, in June 2009, 0MB replaced the Management Watch 
List and H10v-Risk Ust with a public Web site — ^known as the IT 
Dashboard — to further improve the tran^arency toto and oversight 
of agencies' IT investments. It di^lays detailed information on 
federal agencies’ m^or IT Investmmits, mduding amessments of 
actual performance gainst cost and schedule targets (referred to as 
ratings) for {mprcndmately 800 mg^ fedoal IT investments. 
Accorffingto 0MB, th^ data are inimtded to provide a near real- 
time perspective erf the performance of these investments, as well as 
a historical perspective. Parflier, the public di^ilay erf these data is 
intended to allow COIIB, other oversi^t botfies, InciutKng Con^^, 
and die general public to hold govetmnent agencies aecountmite for 
results and progress. 


‘40U.S.C. i 113<K(C). 

•OAOeS^T; GAOeS-lOSlTi GAOCT-IZUT, CIACM»-I098T; 0A04!e-M7, OAO«.671Ti 
OAOUMTS. 
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Pnor Review of Agencies' IT liivestoent Governance Have Identified Weaknesses 

We have previousb' reported cm the endurir^ chaUen^ ftat 
agencies have in effectlvel;^ managing IT investments. 
%)eciflcaUsr, we found that agenda had wetdcneraes in Kveral 
areas relating to the oversight, budget JttMcadon, planning and 
management of these investments, among others. 

• In January 2004, we reported that agendes did not alws^ have the 
medumidns in place for investment review boards to eflecHvely 
control their investments.' Among other things, we repotted that 
selected agendes largely had FT fovestment mam^ment boards, 
but th^e boards did not have key policies smd procedures in place 
for ensuring that projects ate mee^ expectdicms. A^ndes dted a 
variety of reasons fCH- not having these mechanians hi place, such as 
that the CIO position had been vacant, a re<{uirmnent wts not 
included in guidance, or tiiat the process was beii^ redsed. We 
made recommendations to the agencies regarding tiiose practices 
that woe not fdly in jdace. 

• In January 2006, we farted that the underlying stqiport for 
agencies’ IT bu^et justifications for IT investments (OMB’s Capital 
Asset Plan and Business Case, also known as the exhibit 300) was 
often inadequate.' Specifically, we found weaknesses in ail 29 of the 
epcMbtt 300s that we reviewed. For exanqde, 21 investments were 
requited to use a^edllc management systw as tire basis for the 
cost, schedule, and perfotmamce infornudon in the exhibit 300, but 
only 6 did so following OMB-required standards. We made 
recommendations aimed at improving related guidance and training 
and at eirsurirrg the disclosure and mitigation of limitattons on 
reliability. 

• In July 2008, we reported that approximately hatf of the federal 
government's mtyor IT projects had been rebasettned— Le., had 
modifications made to their cost, schedule, and perfotmarice goals 


’OAOC4.18. 

'GAcwam 
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to reflect changed drctanstances.’ Reasons for Ihese rebaseiitt^ 
included changes in project goals, change in funding, or inaccurde 
oidgnal baselines. We also found thtU i^encies lacked 
comprehensive lebaselining policies and ftat wMioutsueh policies, 
baseline changes could be used to mask cost overruns or s^edule 
delays. We reccunmended that 0MB issue gtodance for rebineiining 
policies and that the mayor agencies ^elt^ policies dud address 
identified weakitessea. Consequmitly, CddBi^ed amemorandum 
in June 2010 on baseline managemoit dial inovided this guidance.'" 

• In June 2009, we reported that about half of the projects we 
examined did not receive selection reviews (to confirm thtd they 
stq>port million needs) or ovmi^t reviews (to amtre that they are 
meeting expected cost and schedule targets)." Specifically, 12 of the 
24 reviewed projects that were Identified by OJffi as teing poorly 
planned did not receive a selecthm review; and 13 of ^ poorly 
performing projects we reviewed tfid not receive an over^^t 
review by a depaitment-ievel board. To address thrae wesdmesses, 
we ma& reccunmemdations to sheeted agencies to improve toeir 
department-level board represmtation and selection and oversight 
processes. 

• In October 2009, we repotted that selected agencies' policies were 
not fUUy consistent with best praettoes for a key prt^ram 
management totfi." %recifica%, most agencies’ policies lacked 
sgqftroprlate earned value managemmit training requirements and did 
not adequately define criteria for retdsing bashes. Earned value 
management is a project management apiuoach that, if implemented 
appropriately, provides objective reports of prrpect stmus, produces 
early wrutiing s^ns of impending schedule delays and cost overruns, 
and {Uovides unbiased estimates of anticipated coats at completion. 
Additionally, we reported that for 13 of 16 selected hrvettatents, key 
practices necrasary for sound earned value management execution 


’GAOC8.92E, 

toMB Memomndum, H-ISC?. 
"(}A<W»-066. 

“GAO-10-2. 
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had not been implemented. FfnaUjr, we esUmeied the total cost 
oveaun of these investments to be {dtoiit $3 bilBon ttt prc^ram 
comtdetton. We recommoided that the sheeted aj^endes modify 
poU^ to be consistot ^th best ptactlces, taptement practices 
tJwt address identified weaknesses, and mamge negative earned 
value trends. 


0MB Has Several Mtisrtives Under Way to Improve the Oversi^t 
and Management of IT Investments, but Continued Attention Is 
Needed 

OMB has initiated several efforts thid have in^rovedffie oversi^tt 
and transparency of IT investmaits. As discussed earlier, OMB 
deployed its IT DaMiboard in June 2008, providii^ stalled 
infonnathm, including performance ratings, for over 800 major 
investments at federal agencies. Each investment's performance 
data are updated monthly, whidt is a major improvmnent from the 
quarterly reporting cycle used by OAffl’s prior oversi^t 
mechanisms. 

As of March 201 1, tiie Dashboard provided visibility into ovm* 300 IT 
investments, totaling almost $20 billion, in need of management 
ahention (rated "Vdlow” to indicate the need feu attention or “red” 
to indicate significant concerns). (See fig. 2.) 


eager 
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2; Performance Rating* on the Dashboard, 

as of March 2011 


$2.0byHon 
^ Inv^stmefits 



SwMee: OMS'« OMhboanj. 


Ttie Federal CIO stated that the Dashboard has greatly improved 
oversight capabilities compared to previously used mechanisms, 
increased the accountability of agencies' CIOs, and established 
much-needed transparency. 

However, in a series of reviews, we have found that the data on the 
Dashboard are not always accurate. Specifically, in reviews of 
selected investments from 10 agencies, we found that the 
Dashboard ratings were not always consistent with agency 
performance data. 
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• wer^FtedtMco^sndmteilalepeitanaRce 
rating were not {dwasis accuacate JEMc salted iiwestffteite." 
^>ecificaUy, m renewed iiwes&nen^ at dm Bepaiunenls of 
Agriculture, Defense, fMetgjr, IfeMdi HWati Sertdces, snd 
Jusdce and found that the cost md stdiedule ra^i^ on te 
Dashboard were not accurate ftw 4 rtf 8 selected irwestwenla and the 
ratings did not take into consider^m currwt perhsmtace For 
exain{de, die Dashboard rated a Justice invesdimt's cost 
performance as “green” from July 2{W dirou^ Jmway 2010, but 
our analysis tdiowed the invetamenfs cost perfMaiajce was 
equivalent to a “ydlow” rating, meaning it tteetted attentkm. We also 
found diat there were large inconsistenrdes in die number of 
investment activldes that agoicies repint («i die Dashboard. 

• In March 2011, we also reported that agencies and 0MB need to do 
more to ensure the Dashboard’s data accuracy." Simcfflcally, we 
reviewed investments at die Departments of Homelimd temity, 
Transportation, Treasury, and Veterans AffMrs, and die Social 
Security Adroinistradon and fomd that coeA ratings were inaccurate 
for e !tf 10 selected investments and schedule ratings were 
inaccurate ford of 10. We also found weaknesses hi agency and 
CM(B pracdces omtributing to die inaccuracies on die Dashboard. 

In pa^cular, we found that agencies had iqiioaded inconsistent or 
erroneous data, Miled to submit data, and/w used unr^htde source 
infomiadon. A^ttonaUy, we found that OMB’s ratings understated 
some schedule variances andihd not emphasize cunmit 
performance. 

In these reviews, we made reccmtmendadons to the agencies and 
OMB aimed at improvit^ data accuracy on the Dashboard. 
Spedfically, we recommended that the selected agenda comply 
with OMB’s guidance to standardize activity r^nrthig, provide 
complete and accursue data to the Dashboard oh a mwiily bass, 
and ensure that CIO rathigs disdose issues that could undermine 
the accuracy of investment data. These agencies gmieraily 


“gao-io-toi. 

“aiU>U-26Z 
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cwicwnred with our recommendations. We ijso recwBnendea that 
OMB improve how it rates investments reiated hi cmrent 
performance and schedule vaiiance. tatiier, we rectmtaeadted that 
OMB report (81 the ^ect Of plmtM (diai^ej to the DaMoM and 
provide guidmice to agencies to staadacdte reporting. OMB agreed 
widi most of these recommeniMms hut dimpeed whh ttte 
reconunendatlon to change how it reflects wnswit investment 
performance in its rmmgs becaime MshhcmW dt^ me imdated on a 
monddy basis. However, we mainMaed tot current tavesBnent 
pertonumce may not alwsws be as rppaient as it idiould be; while 
data are updated monthly, ratings inrdude historical data, which can 
mask more recent performance. 

Our recent and ongoing work has identified addidonal opportunities 
for using die Dashboard to increase operatimtm efficiency and 
re^e cost savings. As part of our first report rmponding to a 
statutory requirement that GAO identify dupficadve golds or 
activities in the federal ^vemment, we reported on the potential for 
further si^uficant mivings if OMB Implements plumed 
improvemmits to the Dashboard, along with outstanding GAO 
rerximmendations.'' We also have ongoir^ wink to evaiuate the data 
movided by the Dashboard in order to determine the extent to 
whi(h ancles may be investing in similar projects, as well as 
OMFs efforts to idend^ and act on such dupUcadve investments. 


Recent OMB Efforts Have Resulted in Improved Management of lyoubled IT 
Investments 

Drawing on the visibility into federal IT investments provided by (he 
Dashboard, OMB has initiated efforts to irrmrove the management of 
FT invesbhentsneeding attention. In pardculat, inJtewary 2010, the 
Federal CIO began leadhig Techtod: sesskms-^ review of selemed 
rr investments between OMB and agency leadectop to increase 
accountability and transparency and improve performance. OMB 
has identified factors that may result in a TechStat session, such as 


‘foAO, Qp/mtunities fia JMaco PotentiaJDt^xBcs^onin Govenmentl^ei^mta, Smv Thx 
DoSars, and Enhance Revanae, GAO-il.318SP (ffa^lington, D.C.; Mk. 1, 2011). 


F<wro 
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iwlicy interests, Dashboard data iaconsi^encies, recaning patterns 
of problems, or an 0MB antdya’s concerns with an iiw«toent 

As of December 2®10, 0MB ottclals stated that S8 TeehStat s^ons 
have been held with federal agencies. Accordhig to 0MB, these 
sessions have enabled the govranment to iiifltrove or terminide FT 
investments that are experiencing performance problems. For 
example, the dime 2010, TeehStat on Bie NaUoMd Archives mid 
Records Administration’s Electronic Records Asidilves inv^ttnent 
resulted in six corrective actions, including tadtbig fiscal year 2012 
development funding pending the cranpletton of a str:^^ plan. In 
January 20 1 1, we reported thm the National Anddv^ and Record^ 
Adrninimraticin had not been positioned to IdmiS^potenttai cost 
and schedule problems eariy, and has not been tdite to t«te tiraely 
actons to correct problems, dd^, and co^ increases <m Bite 
system acquisition pro^am.’' Moreover, we ^Uffiated that the 
pro^am would likely overrun costs by between $206 «d $405 
milBon if the agency completed the program as tnighiaUy deigned. 
We made multiple recommendatiots to the Archives, including 
establishing a comprehensive plan for all remaining work, improving 
the accuracy of key performance i^rorts, and enga^g executive 
leadership in correcting negative performance trentte. The Archlvi^ 
of the United States general^ concurred with our recommendations. 

0MB has also identified 26 additional high-priortty IT projects and 
plans to coordinate with agencies to develop coirectiye actions for 
these proslects at future Tetd^tat sessions. According to 0MB 
officii, 0MB and agency CIC^ ktendfied these projects umng 
Dashboard data, TechSUd sessions, and other forms of research. For 
example, 0MB directed the Department of the Intmtor to esttdiiish 
incremental deliverables for its Incident Management Anal^is and 
Repotting ^rstem, which will accelerate delivery erf services that 
win help 6,000 law errforcement officers protect ttie nation's natural 
resources and cultural monuments. 


*GA0, Sl9cO<on^cJlecotdbAnA^vt:^^taoimtAtvh^vwJ^e^&mStm0^m^MO^3^lcia'to 
U^BMUKd VahfTKMyaaiaMmtatmamilOmiseiijDemksmmt, GAO-ua6 
(Washington. P.C.: Jsn. 3011). 
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According to OMB, toe TechStat sesidoia and other 0MB 
management reviews have r^ulted in a 13 btton teducdon in Ke- 
cycte costs, as of December 2010. Fuitoer, OliB officials stated toat, 
as a result of these sessions, 11 investments have been reduced in 
scope and 4 have been cancelled. Addittonai oi^oitonittes for 
potentird coK savings and eSldemd^ esdst with toe use of the 
Dashboard by executive brandt s^encies to identify mid make 
decisions about poorly peifonning investmm^ as well as its 
continued use by congressional committees to suj^it crMical 
oversight ^orts. 


Etecent OMB Plan Aiiras to Reform IT Management 

In addition to toe efforts already described, in December 2010, OMB 
i^ued its 2S Point Jmplemaitatim Plan to B&toim PedenJ 
latontmtion Technology Management, a plan panning 18 months to 
reform IT management throughout toe federal government The plmt 
contaiiw five major goals: 

• strengthen program management, 

• align toe acquisition and budget proceraes with toe technology 
cycle, 

• streamline governance and improve accountability, 

• increase eng^ement with industry, and 

• apply “light technology" and shared solutions. 

Many of these major goals, and their supportii^ reform initiatives, 
are consistent with our body of work on IT acqaisttton ismies— 
which has shown a lade of implementation or execution of critical 
project management and executive governance aetivlttes. For 
example, as previously discussed, in a June 2000 review" of 24 IT 
projects identified hy OMB as needing the mom attenion, about half 
did not receive selection or oveisi^ reviews by a^cy ^vemance 
boards. OMB's plan acknowledges this issue smd calls for ^ncy 


”GA<X)9.666. 
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bivesijnent Review Boar^toibe restluEttired sccoidii^ to OMB's 
TechStst session model, in si^on Of tiie goal to ^leamline 
govemmice and inqiiove accotmtsMi^. 

Additionally, in siqiport of the goal to ^)>ply “ii^t technolc^” and 
Stared solutions, the plan outlhtes OMB% I’edeiai Data Center 
Conscgidation Initiidive to guide federal agenda in deveioph^ tuid 
implementing data center consolidation plans. AccordtHg to 0MB, 
the number of federal data centeis grew txm 4^ to 1£^ to more 
than 2,000 to 2010. These data centeis often house dmtlai Qpes of 
equipment and provide dmilar processing and storage cs|){d>ihdes. 
These factors have led to concerns associated witt thepmvidon of 
redundant capabilities, the underutilization of resource, and die 
significant consumption of energy, to our MsuCh 2011 report* on 
dtplictoive goals or activities within the federal gov^nment, we 
noted that data cmiter consoBdadon makes smise economically and 
as a wtqf to achieve more efficient IT tperations. However, we also 
describe key challenges associated with ttds effort, such as 
agencies’ ability to ensure the accuracy of their inventtnies and 
plans and integrate consolidation ^ans into fiscal yetu 2012 agency 
budget submissions (as required by 0MB). 

to October 2010, 0MB retorted that all federal agencies had 
submitted consolidation plans. 0MB plans to monitor agencies’ 
progress through aimual reports and has established a goal of 
closing 800 the over 2,100 federal data centers by 2015. We are 
currently evaluating the data centm- toltiailve as well as agencies’ 
efforts to develtp and implement consolidation plans. 


to summaiy, OMB's recent efiorts have resulted in fester over^^t 
and management of federal IT investments, but continued attention 
is necessary to build on the progress Ihto has been made. For 
example, 0MB and federal agencies need to irtprove the accuracy of 
tofoimtolon on the Dashboard, and continue to use OMB’s TechStat 
sessions to address troubled invesUnents. to additibn, the full 


“GAO-Jtei8SP. 
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implementation of OMB's iSknonii ioatiin^ to iJ^nn federal IT 
management, alrnig with outstanding GAO recomnMuUtions, 
^ould result in more effective fl ntffiiagemmtt ®d deftveiy of 
missionciitictd ^sterns, as ss finther reduction in viasteftd 
spending on poo^ managed investments. 

Chairman Carper, Ranking Member Brown, and Members of the 
Subcoirunittee, this ccmcludes my statement I would be hs^ipy to 
answer any questions at this time. 
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Appendix I: GAO Contact and Staff Acknowiedgemenfcs 

H you should have any questions ^wut this t^Omenyt i^ease 
contact me at (202) 512^9286 or hy e4naU tapownerd@po»gov. 
Individuals who made key contrfliations to Ch^ tesOnoiqr are Carol 
Cha, Assistmit Director; Lee McCracken; and Kevin WMsh. 


CSIISM) 
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Testimony of Stephen W.T. O’Keeffe 
Founder, McriTalk 
before the: 

Senate, Subcommittee on Federal Financial Management, Government Information, 
Federal Services, and International Security Hearing Titled: “Examining the President’s 
Plan for Eliminating Wasteful Spending in Information Technology” 

Chairman Carper, Senator Brown, and distinguished members of the subcommittee, thank 
you for the opportunity to speak today. My name is Steve O’Keeffe, founder of MeriTalk, the 
government IT network. MeriTalk is an online community that combines professional networking 
and thought leadership to drive the government IT community dialogue. 

Why Modernize Government IT? 

The Federal government currendy spends north of J80 billion - with a B - on IT. That’s a 
lot of jingle — 33 percent mote than the Gross State Product of Delaware. Were it a standalone 
Federal department, it would be the eighth largest - just ahead of the Department of Transportation. 
Despite talk about doing more with less, that number grows every year. According to Federal IT 
leaders, neariy half existing agency IT applications - 47 percent - are based on legacy technologies in 
need of modernization'. These same leaders estimate that they spend almost half their IT budget, or 
$35.7 billion - again with a B - to support these technologies. Four out of five C-level IT executives 
say if their agency does not modernize legacy applications, mission-critical capabilities will be 
threatened'. 

If the definition of insanity is doing the same thing and expecting a different outcome, then 
Vivek Kundra deserves high praise for introducing much-needed new thinking into Federal IT. 

Since taking office in 2009, Mr. Kundra has injected many new concepts into the Federal IT 
mindset. From cloud computing to data center consolidation to continuous cyber security 
monitoring - these new ways of harnessing IT have proven their value in the private sector. 

Without question, if the Federal government is expecting to realize much-needed change in Federal 
IT results — and certainly taxpayers are — we need to accept and invigorate efforts that change 
Federal IT practices. Further, we should expect change in results commensurate with the change in 
practices. There is no such thing as a free lunch. 

Are We Really Talking About Reducing the Federal IT Budget? 

This is the information age. As we wrestle with the deficit, we should not merely look at IT 
as an expense item. IT is a powerful tool to enhance efficiency across the Federal government. 
Today, the notion of the Federal government investing is not very popular. Might I be so bold as to 
say that the future of Federal IT is not really about reducing the amount that we spend on IT. We 
need to leverage IT as a force multiplier to reduce the cost of government — and at the same time 
enhance the quality of service we provide to America. We need to radically increase the value 
density of IT - not necessarily reduce the total spend. 


’ "Federal AppEcation Modernization Road Trip,” January 11, 2011, http: / /www.meritalk-com / fedappmod 
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The 25 Point Plan and the 10 Commandments 

The purpose of the hearing is to provide some perspective on OMB’s 25 Point Plan for 
restructuring Federal IT - and importandy to allow OMB to make the case for a $25 million budget 
to fund the implementation of this plan. 

Like many others, my first review of OMB’s 25 Point Plan ended in confusion. 25 points - 
really? When I was a small boy in school, I had profound challenges remembering the 10 
commandments — and there were only 10 of them. 

Moreover, while we all applaud the notion of tangible deadlines, these add an enormous 
layer to the completdty of the outline while doing little to enhance the credibility. Setting deadlines 
is not neatly so important as managing them, and is OMB really going to manage each and every one 
of these line items and associated dea^nes? In addition to other eristing initiatives? 

What Does Federal IT Think? 

As we did last year for this Committee’s Open Government Hearing, MeriTalk launched a 
survey of the Federal IT community to get government and industry perspectives on the 25 Point 
Plan. Launched March 14 on the MeriTalk site, the online survey quickly received some 269 
responses from government and the supporting industry IT community. We asked respondents to 
rate each point of the plan based whether it was 1) Desirable; and 2) Doable. 

Net Upfront - Desirable Yes, Doable Unclear 

The net upfront is that the community feels that all points are desirable, but there are serious 
questions about executability. Interestingly, govies are less optimistic about doability than their 
industry counterparts. 

Join the Dots - Point-by-Point Perspective 

Next, we asked the community to rate each point in the 25 Point Plan. As you can see from 
the All Respondents scatter gram^, the community doesn’t place equal value on all points. 
Interestingly, the evolutionary, nurturing, and easy to understand points score best - with design a 
formal IT program management career path topping the chart. 

The most revolutionary initiative - Cloud First - rated lowest. Data center consolidation hit 
roughly in the middle of the pack — with enabling government-wide marketplace for data center 
availability scoring mote poorly. I would note that cloud and data center consolidation are the 
brains and stomach of this 25 Point Plan. Considering options for simplification and prioptization, 
OMB might want to focus hardest on these programs — they offer the highest Rol. 

Civilian vs. Defense - Little to See Here 

As you can see in the charts’, civilian and defense respondents marched very much in lock 
step. Design a formal IT program management career path and launch a best practices collaboration 
platform top the charts. Interestingly, civilian agencies were more focused on reducing barriers to 
small innovative technology companies. Due to their dynamic mission focus, defense agencies 
embraced this approach long ago. DoD respondents demonstrated significantly greater appetite for 
shared services as well as optimism for executability. 


^ See Appendix A, Figure 1 
3 See Appendix A, Figures 2 and 3 
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Government vs. Industry — Lion Lies Down With the Lamb 

Interestingly, with the exception of government being less optimistic about the plan’s ability 
to deliver, government and industry are almost precisely on the same page in terms of the most 
important points'*. The exceptions, industry prioritizes the requirement to scale the IT program 
management career path government-wide as well as the requirement to issue guidance and 
templates to support modular development. It is no great surprise that these points are so 
important for contractors. 

If You Could Make One Change - Less is More 

Closing out the survey, we asked what one thing the Federal IT community would change to 
improve Federal IT. Both government and industry suggested that we attach accountability to 
objectives. Other hot recommendations — allow CIOs to retain funds they save, eliminate unfunded 
mandates, and reduce the number of objectives. Less is more. 

Three Cs 

The lesson of change is that it comes with confusion and turbulence directly related to size. 
Past a certain critical point, if people think that the program is unattainable - no matter how 
desirable it may be - the program will not succeed. The beadngs will continue until morale 
improves. As we move forward with the plan, the feedback from the community is clear. We need 
to simplify the message and focus on three Cs — Consolidate, Connect, and Calibrate. 

Consolidate: like any roadmap, the 25 Point Plan sets out a drivable course from the current 
location to a future destination. Rather than trying to get from point A to point B in a single haul, 
the plan should break down the journey into a series of manageable/attainable interim steps. 
Tackling the first five initiatives will not yield the same results as tackling all 25, but it would be 
“doable” change rather than just a paper tiger. 

Connect; To reduce the turbulence and confusion, we need to really sfep up the communications 
and education outreach initiatives to ensure that Federal IT professionals in the agencies understand 
the motivation and the methodology. The Federal government’s cadre of senior IT professionals is 
not equipped for, nor experienced at, driving change - we need to communicate the why, how, and 
what it means for your career in order to successfully operationalize desired change. 

Calibrate: And, critically, we need to only set goals that we really can and mean to measure — and we 
need to follow through on measurement and hold executives accountable. We need to recognize 
that the changes on the table are not easy. We need to set realistic timelines and we need to 
establish venues and tools to support Federal IT professionals as they move through profound 
change. 

The Carrot, the Stick, and the Dog Bone 

As stated above, if the Federal government is expecting to realize much-needed change in 
Federal IT results, we need to accept and invigorate efforts that change Federal IT practices. 

Change is hard. Accountability and consequences - both positive and negative - are not common 
characteristics in the Federal government. To succeed in transforming Federal IT - not necessarily 
in reducing absolute budgets, but in increasing value density and unlocking innovation to increase 
the efficiency of government writ large - we need to consider the individual motivation for change. 


^ See Appendix A, Figures 4 and 5 
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What’s In It for Me — WIIFM? for the executive and practitioner. If increasing efficiency 
means reducing total budget for next year, why would managers want this change? We need to put 
in place an incentive and penalty system to support the change outcomes we need — which means 
changing behaviors. We need to recognize that not all change initiatives succeed - and reward an 
increased risk profile. And, significantly, our Federal leaders need to “eat their own dog food” - 
practice what they preach and become the change they want to see in the community. 

Funding - Pennies for Hundred Dollar Bills 

Federal IT professionals estimate that data center consolidation and cloud can drive upwards 
of $14 billion - again with a B - in efficiency savings®. The Rol on this $25 million is hundreds of 
dollars for pennies invested. We need to make changes to realize these savings. The plan is good. 

It has the potential to drive real change in practices and therefore, real change in results. It needs to 
be simplified. The community is curious to understand how OMB will utilize the $25 million to 
operationalize IT reform. We note that funding is critical to the successful transformation of 
Federal IT. I’ll close with a verbatim quote from the survey: 

“The destination is good, we need to go there, but rU be damned if 1 can make any sense of 
these directions.” 


5 “Federal Data Center Addiction: The Road to Recovery,” November 15, 2010, 
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Gartner 


Testimony ofi^tii Sood 
Vice PreshfonL Government 
Vertical Industries, Gartiier 
April 12, 2011 

Senate, Sulieeminitiee on Federal Financial ManagenMinL Government 
Infommtion, Federal Services, and bitemationai Security Hemlng TMed; 
“Examining tire PresMentis Plan for Eliminating Wasteful Sfmnding in 
Information Technology” 

Chairman Carper and dtelinguished members of the subcommittee, thank you tor #ie 
opportunl^ to speEric today. My name is Rishi Sood and I am Vice President of Sovemment 
Res^rch att Cartaer. Gartner te the world's teading information technology research and advisory 
company and is a valuable partner to 60,000 clients in 1 1 ,000 distinct organizattons. 

In examining ttre Presidents plan, I would like to focus on the growth in federaf 
technology spending, the elements of the plan that will have an Immediate impact, and reform 
issues that win be importont over the long term. 

Federal Gevsrnment Technology Spending: A Snapshot 

To begin, federal IT spending has exploded over foe past decade. According to my research at 
Gartner, traditional IT spending by federal government organizations was approximately $32.2 
Mllion in 2001 . This year, it will reach $80. 1 billion. This Is an Increase of over 248% during the 
past 10 years. 

Whife much of the IT expansion is justified by growing federal opetab’ons (e.g. fighttng 2 wars, 
creating ttie Department of Homeland Security, managfog rising MedictoidMedtcare workk^ds, 
etc.), insufficient analysis has been given to foe cost effectiveness of federal IT standing. 
Additionally, some of the spending increase has not been effectively coordinated, resulting in 
seme cases to technology sprawl across the federal government 

Given fois diawaflc rise in federal government IT spending, there are a number of questions that 
need to be address«j: 

• Vlfoat is foe value and cost-effectiveness of IT spending? 

• To what ejttent Is ac(»untabHity adequately built into IT spending? 

• Wfoat ste(fe sfMwId tfe taken to invest ttre right amount in the tight applicafions while 
avoiding costty mistokes? 

VWilte foese qusalions are alvra^ important they are even more importarft in light of foe current 
budget batttes and fiscal constraints tttat wHI affect foture federal IT spending. Not only will 

P^elefS 

92^1 Gartmr. M)e.afK£^or1tSiAffiila^^l=^B}itsR^trvGd. GafNlCT 
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federal agencies face slower growth in !T ^eiMH Over Wef^cte»le, Krore may i>e cutbacks 
to current levels of IT spending. Urgent ^on to knprove IT spending is needed because 
reforms will take time to show r^ults. 

In shaping IT policies and actons, federal toaders shouM team from bands efnerging in (riher 
industries. For examfMe, many state & toitoi governments and private indirtries have been 
tofced to re^rond in new ways to economk: pressure arid technology investmento. Their 
responses oltor Iroy lessm about IT and Its Implications; 

• CentoMtEattMdConaoNdaMon/Ratioflaiization: Across Industries, there has been a 
(rontrortod effort to rroniraiize IT in order to harvest erronomfes of scirte. Thtets 
parffcuMy true of inffastructure spending, where the tocos has been largely on 
cwrsoMaUng data centers as well as ratior»lizlng technology assets across toe 
enterprise. 

• iRHHgenoe cri^ Cloud ComptMng: Cloud offerings represent a new meriurity cff internet 
servk»s toat offers new ways to finance IT modemizabon, reduce toe IT footprint, and 
eliminate maintenance costs. While security, data ownership, and vmKior viability 
issim remain to be twsolved, toe increasing ufflzaBon of cloud in the private sector will 
undoubtedly bring s^nificant change to government as well. 

• The Business Value of IT: Given the new economic climate, organizations have been 
strategically applying IT to deliver bottom line resulte. In this approach, busing cases 
are built around the value IT modernization would deliver to operational and business 
metrics for toe organization. 

to tite end, however, the true value of IT comes from toe Impact cf teehnotogy on government 
operations (e.g. Increased productivity, lower cost of service delivery, increased customer 
service, ete ). To succeed in these times, government must harv^t the upside potential of IT 
white limMng toe downside risk of imptementation fellures. 

President OtKwna’a 25 Point Reform Plan: Immadtate ImpBcts 

Given toe issues raised above. President Obama's 25 Point Reform Plan is a sbong path forward 
to abgn toe IT needs of fKleral government organizations with toe budget realWes. The reform 
creates gtterdrsMis needed to guide technology operaBons white continuing to prorriote innovative 
and actrountable technology use. In many respects, the reform plan lays toe intbal founctetion 
needed to ansurortoeguesions raised earlier (value, accountability, plication siz^ix) 

Several areas of toe reform plan will likely be most important for federal technology management 
and service ctelivefy. These include: 

« Foeus onanEnipoweiedCiOPOsitioit: These portions of toe reform plan vwH give 
eSsentlat support tor Federal CIOs to drive technology tftaiige across agency 
enterprises, empowered CIOs are needed to set enterprise |^ls, push standardiratton 

^ Pi^ZrrfS 

02011 SMier, lire. anUKiritsAflUn. All RIsM Reseived. 
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ttiough the organizaHon, and drive thdre eflident technology use. By strengtWerrtig ttie 
CIO position, there vrill be greater accouritabllity for achie^i^ targeted agetuqf goals, 

• Move to Data Center ConsolKiatton Plan: The increase in data certefs across the 
Federal Government ov^ the past decade has been dramahc. The tesk now is to 
consolidate nese data cen^ to drive down coste ardlncr^se efRcienoy. Harvesting 
economtes of ssale is orifical lor #16 effecdve alloeaten of federal t«*n(riogy 
invesbnenfe. 

• fdous oii Siiaiei Seivtcea; The move to shared senriws {rafter dian each program 
or agency serving it^O Orovidss an Important means tor federal agftv^ to maximize 
the value of terftnOh^y, create a services-ted approach to terftnology delivery, and build 
ftore ^ieient IT servlet across the gcwemment enterprise. 

• Adapt ^mnaetdal Beet PracBeee md Leverage New TeehnoiOgf SBati^iee: A 
crMtel aspect of the reform plan Is to adapt lessons learned arid best practices in private 
sertor technology for toderal government organizattons. EquaRy importent, iXMever, Is 
to leverage some of the emerging technology strategies that provide aNematlve ways for 
IT modembtedon. The tetomi plan's solutions tor acquisitions, commoditized services, 
the Cloud first policy, and secure tnffasbucture as a Service {laaS} are all rmpextent 
steps tor the federal government 

Longar Tarm Reform tesuaa 

The President's refonn plan includes other strategically important goals that will likely require a 
longer time horizon to implement These Include; 

• AddRIonal Investments in Government Peiaonnei; The federal government wHI need 
to invest in additional Contract Officers, Acquis^n Officers, and Program Managers to 
drive and execute real change In procurement acquisition, and management of 
technology projects. These investmente must include education and training to supjKirt 
newer methodologies (e.g. Earned Value Management), to understend new technology 
models (e.g. Cloud Computing), and to develop new skill-sets (e.g. updated and 
evolving project management methodologies). 

• Technotogy Vendor Outreach, ParbwiaMps, and Buy-in: ^ effective technology 
and service provider community is an essential part of tederal success wift IT. As larger 
reforms take root it will be vitel for the federal government to increase its outrear* to fte 
vendor community, to continue to work in a partnership approach wSft this (X 5 mmun%, 
and to secure strong buy-ln for fte changes ahead. Issues sutRi as procurement reform, 
timelines tor consolWatlon, focus on doud computing, etc., wilf ftl require ori-going 
dialog wift fte vendor community to develop the right path fonsrard. 

• An Agile Approach to IT: One of fte most difficult yet important aspecte of fte reform 
pten involves building a modular approach to technology investments. This will impact 

P^3of5 
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multiple parts of Itte tertinPlt^ lifecqiete gtonniiia, budgi^ag, procurement, vendor 
engagement, manageiTWM, etc.) ma M mtluire mere effective and detailed use 
of newer methodologies (E»T«ed Vataettenafemerit, Project Portfolio Management, 
ete.) to sopfWft gOTte. 

Goiictaaiona 

Pr^ent Obama's 25 Point Reform Plan represents an impoifont advance to harvest the 
teneWs of informaten technol^y while eliminating wasteful spendtog. While m»ry a^ecte of 
tf» reform pfem wiB teve an immediate impact, others will likely requitefflote time and confinuing 
tnveanente. 

In addition to the issuM described above. It will be important for tedetal officials to recognize foe 
following: 

• The reform plan Includes goals tor 6, 12, and 18 monfo fone periods. While 
foese goate are laudable, they may be overly ambifious. The fodeiei gmmmmeni is an 
enormous wrterprise and it is difficult to achieve significant structure chan^ in a short 
time hortem. 

• AsaMng Agencies Through foe Change: While some agencies have embraced foe 
change proposed, ofoer agencies may be more resistant to (foange. As foe reform 
plan moves forward, some agencies will need significant guidance and on^ing suifoort 
to ensure progress. Prcffter incentives and disincentives wi be critical in movfog 
agencies in a cohesive foshion. 

• The Technology Silver Bullet In the end, K must be recognized that informatfon 
technology represents foe best mechanism to improve government efficiency and lower 
the cost of service delivery. Consequently, IT must remain an area of continued 
aggressive investment The critical issue now is to protect and incentivize foe IT 
reforms noted here, so that federal IT will maximtze results while mlnimfelng mistakes. 

Thank you for your time and I look forward to your questions. 

Gotntteiny and Aaalyst Background 

Gartner, tec. fNYSE:iT - News! is the world's leading information technology resaarefo and 
^vteory company. Gartner delivers foe technology-related insight necessary for its offonte to 
make foe right dectelons, every day. From CIOs and senior IT leadens in corporafions and 
govwnment agencies, to business leaders In high-tech and telecom enterprises and professional 
servtes firms, to technology investors, Gartner is foe valuable parfowto 60,000 oitents in 11,000 
disflnct organizations. Through the resources of Gartner Researrfo, Gartner Executive ftograms, 
i^ttner Consulfing and Gartner Events, Gartner wmrks with every client to research, analyze and 
inWpret foe business of IT within the rontext of their individual rde. Founded in 1978, Garfoer is 
headquartered In Stamford, Connecflcut, U.SA, and has 4,4C® associates, including 1,200 
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research analyste afid eohsuNarts, and dIants fnflS countri^. For more Infermatton, dsit 
www.garmer.com. 

Rishi Sood is a vice preddent of gewrnment research at Gartner, where ire l^ds the Gatmer for 
Business Leaders research fdr ttre U.S. S&te and Locat Gavemtfient, U.S. Federd Government 
and Global Public S^OrprojFsms. In this capacity, S*r. Sood provides strategic direction for his 
cliente by helping them underetand irey business tesueS, leading ischnotegy mends and drivers, 
demand for IT solutions, indiMy best practices, compeWve landscapes, and foture scenarios for 
pubHo sector orgamizatitins. WWiin ttre stette and focal ^emment markefoiace, Mr. Sood 
specialte^ in ttre following ^rrey segments: h^tth, human services, taxfrevenue and public 
safety. Mr. SocKfs key techndt^y areas include: Cloud Computing, E-Government, CRM, 
Outsourclt^, Homeland Security, ERP and agency-specific soluttons. 

VMthin the U.S. federal government market, Mr. Sood focuses on the civilian, defense and 
Infotligence agency segments. His key technology areas include Cloud Computing. E- 
gmremmenL Cybersecurity, RFID, CRM, IT Servkres, Outsourcing, Analytics and ERP. Mr. 
Seed's key business issues are government healthcare, homeland security, susfoinabilify, 
transformatton and sourcing. 

Mr. Sood tifoduen^ presents at major industry conkaences and is a regular conMbufor to leading 
IT servteas ireblicatfons. He managed a monthly column called "Across the Digital Natfon" for 
Washington Technology magazine. Mr. Sood has been a dedicated government analyst at 
Gartner fW 17 years. 

Mr. Sood joined Gartner with the acquisition of G2 Research, where he was vice president, 
managing the firm's Global industries group^ as well aS being chief analyst for state and toesri 
government. Mr. Sood is a graduate of the Univwsity of Chicago. 
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Testimony of: 

Alfred 6n»so 

President and CEO, The MfFRE Corporation 
totte 

US SENATE COMMUTEE ON HOMELAND SECURITY AND GOVERfiHMENTAL 

AFFAIRS 

Subrommittee on Federal Financial Man^ment, Government 
Information, Federal Services, and International SeoNlty 
on the subject of 

‘Hamming the President's Plan for Eliminating Wastehii Spending In 
Information Technolt^y" 

APRIL US, 2011 


Chaimian Cwper, Seaator Brown, tmd honorable members of the SitbcommitUei tiiaidc you for 
die opportnntfy appear before you on this important topic. My name is Aified Orasso, and I 
am the Presitet ami Chief Executive Officer of The MllTtE Corpor^on. Qm company’s SO 
plus years of expoience, contributions, and accomplMunents have given tB a pe^^sective that I 
belteve is highly reievmit to today’s topic of information technology planning urdmanagment 
From foe early days of the SAGE air cfofense sy^em to present day deployment of advanced 
command and (xmtrol and business systems, MITRE has been witness to great successes and 
signifiemrt disappointments in foe acquisition and deployment of advanced information 
technology (IT) systems. We ate honored to be askmi to share our footers on the direction of IT 
reform in foe federal government with your subcommittee. 

Yqu may know that MITRE is a not-for-profit corporation, managing five foderally funded 
research and develo{nnent centms sponsored by tlM U.S. govenunent. Our organizational 
stiucture demands to we remain conflict fiee, (h> net manuiactme products, mid do not compete 
with IndMry. In this way, MITRE is able to provide objective assistance to the government and 
wofo on programs for our government sponsors with the primary motives of achieving 
establishmi program outcomes, and being good stewards of public funds. It is these motives that 
bring me here before you today. 

infemation t^lmology-intensive programs operate in an environment of rapid technology 
evolution whem new generations of technology are introduced in montiis ratiier than years. 
Utfortimately, current federal acquisition processes and budget cycles are not well mmdmd to 
ii^ timelines, thereby causing some technology ccanponents to become obsolete while the 
program is still to deydopment. To compound matters further, IT investment d^isionS are often 
made aj^tot a backdrop of lafHdly evolving policy decisions, mis^n priorities and business 
needs. This |XK:e of cht^e challenges federal IT programs to Imep their teeUcal ddtl base 
current All of these feotors conspire to undermine the transformative potential IT holds for our 
government and foe public. The answers to these problems are not easily found, but it is 
essential tto steps be taken to begin turning the tide. 

1 


VerDate Nov 24 2008 1 1 :00 Feb 17, 2012 Jkt 067128 PO 00000 Frm 00102 Fmt 6601 Sfmt 6601 P:\DOCS\67128.TXT JOYCE 



H605-41331-79W7 with DISTILLER 


99 


OMB’s 25-i)oint plan is a positive step in the lT tefomi process. In addition to OMB’s activities, 
others across the fedetd civilian and demise sectors are ^So stiiving to iM solutions to these 
challenges. As a personal ex«^le, I had fee privilege to co-chair fee Defense Science Board 
Sununer Study on enhancii^ Riiltey advisability last year. It shotiid not be surprising that the 
observations and recmnnomdations tn^ in that stufer fegn closely wife tiiose expressed here. 
Adaptable systems, process and jtoopte are critical^ important in an ratviromnent that is 
tv^idly changing. 

As 1 observe fee state of IT management in the federal govsanmeat, I an stnici by fee amount of 
attention paid to feilures versus time v)ent analymng successes for critically impctttant le«5as to 
be learned. I observe a strong tendency to impose new policies, processes and reporting 
requirements in an effort to avoid ftitm feilure. These reqmrements iiitroduce an ever increasing 
bunlen feat reduces agility, imposes costs, and delays the (felivety of much needed cvrabilify. in 
an interesting stody cmiduCtedm fee Defense Acquisition IMversi^, slUdmito detantined ttet a 
“null program”-one that deliveis nothing but satisfies mandatory reporting and process 
tequiiemenls-woutd take tinee years to complete under fee current rules. A Systran tiiat requires 
tiir^ yews to delivra' nothing is fimdamentally flawed. 

As consider Imw to reform IT managranent in the federal government and this Committee 
cmisidets potentiai legislation, I suggest policy, process and model decisions te based on what is 
kitown to vwric to government and fee private sector, not on reactions to problems. We must 
build our V'strans upon successful practices and avoid focusing solely on cmrecttog past feUtue. 
My emnmraits today wilt be based on this premise-that fee experiences and attributes of 
orgmtizations that develop and d^ttoy IT successfiiUy should be the models on which new 
legislation, policy, and process derisions are based. 

TheVS-PoM Implementation Plan to Reform Federal Information Technology Management" is 
based on practices that woik. It establishes a good direction and addresses an important set of 
issues. We applaud 0MB, Mr. Kundra, and the Federal CIO Council’s leadership on this topic. 

It is a nationto imperative, and it is our collective obligation to deliver informaticm technology 
more effectively and rapidly to better meet the needs of fee puldic. However, experience let^ 
us to observe that additional steps can be taken both to enfele successful implementation of fee 
plan and to expand on some of fee important goals defined to it. With that to mind, I will 
address the following three important topics and provide specific recommendations feat build on 
the intent and direction to fee plan; 

1 ) Establifeing a governance model which incorporates a comprehensive portfolio 
management and budgeting v>proach wife close cotqiltog to tite end user 

2) Establifetog stiong Program Managranent Offices (PMOs) by incentiviztog and 
professionalizing the key roles required to successfolly deliver IT propams 

3) Building secure and resilient IT intensive systems 


2 


VerDate Nov 24 2008 1 1 :00 Feb 17, 2012 Jkt 067128 PO 00000 Frm 00103 Fmt 6601 Sfmt 6601 P:\DOCS\67128.TXT JOYCE 



H605-41331-79W7 with DISTILLER 


100 


IT Goveraance and Pertfoiio-based Management and Bndget Model 

Succeeding in a rapidly ehmging eayironmetit rentes a balanee between discipline and 
flexibility. The plwming^centric mvesttnent and acqmsStion environmait of today is Wit npon a 
strong discipline, but rtM^emoit most have die tools and authorities to shift resources as 
conditions chai^, oppoitWties arise, and risks are identifi»l and inesent themselves. Hiis 
balance is impoitmit in mt effective IT governance model. Several points in die SS-poim plan 
address aspects of Ms challenge^ 

AliWng ^ budget pocess with the technology cycle offers the flexibility to shift resources to 
^dte% chmtgtag ne^ and inoease agility. Fi^ermore, streamlining gov^ance and ensuring 
accottaWiity stimigthens the role and authorities of the CIO to execute inqmrwt Ciin^- 
CohOT mspmiribflities. However, fliese actions will fiill short if the lirJc and timing between the 
ittveWtont dedslon faoeess md the budget formulation process is not Wlressed to afford 
in(n«B«l flexibility. 

Puntfetaefflally, foe problem is Ms: foe investment itecision process occurs 12-24 nronfos before 
the W%!ri is iKto^ly made available, but foe steps necessary to make a soimd investment 
decisirm canuetbe Wen foat fttr in advance and without some limited bwlget aufttoiization. 

More specifically, foe deWs required in the siqrporting documentation (foe E30O) cannot be 
acxmrateiy provided without performing some ttegree of up-firont systems engineering to evaluate 
alteratives, estoMifo initial requirements, ami develop an architecture that is needed to Wmate 
schedule and cost-ell Wks foat currently require foe initial budget allocation (wMcb, 
vmfortunately currently requires a completed and a|iproved E300). The net result is an investment 
decision, based cm little real analysis, made two years in advance to support a budget truest. By 
foe time foe budget is authorized, technology has likely changed, foe business environment has 
been altered, and key p^sonnel have moved to ofoer pursuits, all of which results in significant 
ride to foe successful delivery of foe dMred results on time and on budget 

This is ocemring now, in FYl 1, as agencies are dcvelopW FY13 budgets. They are 
currently making majen assumptions about future investments and IT expenditures, without foe 
resomces or authority to do foe ground work requiW to properly scope fire investment, evaluate 
alternatives, and estimate foe cost of delivery based on an evidence-Wed analysis. By FYl 3, 
foe ^stunptions used today to build foe budget will be irrelevant 

Moreover, organizations foat budgeted to refresh their aging infiastrocture using procurement 
funds may not have the budgetary flexibility to move to the more efficient scrvie« model 
proposed in foe 25-point plan. We are already seeing some organizafions msMng suboptimal 
decision because foe “cdor of money” does not support provisioning for scavice. The 25-point 
plMi ptc^xtses to woric wifo Congress to really Ms process, mid we ^ree. The near totm 
solMon is for Congress to provide greater reprogramming authcMity for IT investment to all 
defarisrent and agency CIOs until a single IT apjHopriation can be enacted. This is e^wially 
eritiW for IT infiastnicture investments foat sht^ foe foimdation for future mission and 
business iavesttients. Increasing transparency into foese reprogramming actiems can satisfy 
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CoE^rm* pversipt funetlon "with linited risk £«# without itnposiiil cm die CIOs auditaity to 
tnake ttude-olT decisions. 

This model is very common in private industry and not a new concept. In 2005, die Corporate 
Executive Board i^on^ a tordimuking ^udy of Key Attributes of World-Class, 

Performing IT Qtganiisations. Among the ei^t attributes idmitified, IT governance mes one of 
the three most importmit priorities, based on the nearly 1000 private and public sector 
organizations involved in tie sluts'. Witnn IT governance. Portfolio Mana^raent lariced as one 
of the activities of pe^st iiaportteice.' Within the federal govenunent, tite CIOs of BHS, VA, 
and IRS have all adored, or are moving to, a portfolio aKwotush. Tte BoD, in to IT wjinsWon 
task force effort, has also determined that changes to the tesotmring proce», including pmtfolio 
management mid a single IT t^prc^mation, are critical enablers for IT m^quisition reform. 

Uiibttunately, tadget process and oversight approach does not ali^ well witii this 

man^mitent model ^ does not allow thete CIOs to treat their budgets as a complete IT 
investmertt^rtfolio, thereby diluting the degree of trade-offs that can be nmde ^ the spending 
effidwicies that cmi be resdi:red. Portfolio ftedbility is a long-standi^ best jnactice in the 
inivate sectiw where corporate boards of directors rarely engage in line-item oversight of specific 
IT investomts or spendu^ ptioritiK. Instead, they hold ihe Corporate OflScers atMi tiie CIO 
w^untabte for ittve^ng wisely to meet tiie needs of tiie bnsiness and tileir cusamm and for 
ddnonrir^g strong fiscal imd fiduciary responsiUlity. I stron^y encour^ Conp'ess to take 
foe rdditicmal st^ necessary to provide tius fiexibility 1^ realigning the budging motol and 
allowing CIOs and portfolio memagers to exercise the strategic decisirHi-making that their peers 
m the private sector have had for years. 

I tiiink font a firadmnentel reshaping of tiie role of the CIOs and the implementation of a version 
of this model, along with the al^nment of the budget and technology cycle already defined in the 
2S-point plan, will transform IT management in ways tiiat will result in more efficient and 
ef^tive use of n budgets and greater agility to react to a changing environment 

In addifom to the improvements described above, we a^ee thm aligning the delivery cycle wifli 
tiie tedmology cycle through incremental delivery is anotha clear step in the right direction. 
These incr«nents represait a disa^regation of iarge-scale capability into a number of smaller 
integrated projects that can be executed in a more accelerated manner. The mcrements must be 
built (m a sound foundation of iq}-&x>nt architectine and systems engineering, where foe mchitect 
worto to undmtand the user’s operational needs and translates them into tectoical requirements, 
aiMl foe ^s^ms migineer translates those technical requirements into a system design. Sound 
^^^ems engineering performed early in a program’s life cycle has a strong correlation vrift 
iminoved project c<»t smd schedule planning. The use of modular open-system enterprise 
solutions baM upMi established standards sets foe environment for seamlessly and rapidly 
delivetfag incimnental performance improvements vfoiie enabling foe envircaimwit for 
continuUus competition. These elements provide for an enduring fouirfation that will reduce risk 


' ao ExeevUve BoarU of the Corporate Executive Board, 'Key Attribute of Wond-CJass IT Organliatiotis: A 
Competency Olagnosac”; January, 2(»5 
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and deliver capabilities in a ttmeftmne during wWA tte teetoology is cuneat and skills are 
relevant. This is also a commcn qtptdach bilte ^Vate sector. 

Equally important is the need to cotq)le the IT investments and the acquisition pocess mote 
closely with operations, ^leed is important, bnt it must be weE matched to the operational 
tempo. This coupling ensines diat technology drops have Clear business value^ mid inpmneitts 
build on an enduring, underlying IT infiastructure that supports fliture investment mid ctq^U% 
delivery in a cost effective fesWon, 

At the enterprise level, current process^ tend to focus more on complimice riian on outcomes. 
This means they often fall sl^ of meettag business needs. Alibiing dl stdtchof dera to a set of 
shared mission outcomes creates cteity of purpose and will ^ve dynamic ttide ^ce analysis 
to as^ss dtemati^ mcfait^riaest concepts of operation; and tmnics, techniqws, ^ procdtees. 
Aliped toams cm) guide d^iskms tiuou^ short development cycles mid cmi motivato their 
home orgamz^BS to siqspmt the outcomes most effectively. Ttee tean® povide a venae for 
the entainise to (feectiy with the operator and gather impptant fee^^ ftom toe field, 
this “hiteiprm^ Team” (EPT) program managmnmit office ^piom;fa, U^i^ted in tiie 

2S-'point phm, is a most efftotive way to manr^ an incremental development pogrmn. It is 
critically iix^rstant imt this conc^t extend to mclude the developraent temn and be inclusive of 
to© tecWcal managempit roles (e.g.. Chief Architect and Chief Enginem') to set toe tpshnical 
direction for tiie pt^ram, guide the technical decoii^sition of toe solutitm fitnn conc^t to 
field, and etutole toe government to be a technical peer to toe contractors and oti^ siqiplier 
organmtions. WithoP this broad set of operator and technology perspectives^ the risk of 
mismng critical issues, or toldng advantage of opiottunities to lead to bettm outcomes. 

With tl^e tiioughts In mind, my recommendations can be summarized as follows; 

1) AdpJt an IT governance model that that features a consolidated, portfolio-based IT 
budgeting model to allow the flexibility of CTOs and agmicy lemfeis to adap fiintong 
during toe year to react to changes in tectotology and mismon reqtnrmnmrts. This toould 
include multi-year autoorify and tiie autoority to fimd the iq>-fiont systems engineering 
and cdtematives analysis nec^saiy to evaluate and estonate the scope, cost, and schedule 
for proposed investments withoP prior iqjprovaL 

2) Eliminate toe investmep line-item oversi^t and the practice of differentiating or 
“fencing” budgp by investmep type. Instead, allow GIOs to trade-off investments 
bPvt^n New Development, Opmations and Maintenance and Infi'astractpe. 

3) Enhance ard expand accountability metoods and metrics akin to toe TecbStat reviews 
and tiie evolving dashboards to hold the CIO^ business leader, and other stakeholders 
collectively accountable for outcomes. Act upon these results by rewarding performance 
nd ^dressing areas needing improvement. 

4) Match incremratal delivery with the operational cadcpe of the mganization or function 
the IT propam saipiorts, with timefiames no later than those identified in toe 25-point 
plan, bP not requbing an increment every six months. 
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Establishing Strong Endnrfa^ ]MOs by InmitivUng and ProfnnioBaBiBag IT Program 
Management 

In my past testimony to this mbcommittee, I empfaasizal die iiqibrtance of maintaining strong 
technical and mmiagement ctqpabiliies wittin progimn man^ment ofitces (PMO). It continues 
to be my experience that succwsM programs are charactetized by a Strong government PMO 
caimble of acting as a sricmg “technical peer” widi contractor countoparts on s:^tems 
engineering. The indivkltials assigned to these program ofBces must view dieir position as a 
career and not sin^y a job. b^mtives play a key rote in atbacting and tuning competent 
program office pssonnel. Ist^ishing a career progression giv<K individu^ die opportunity to 
secure greater rei^iKiyii^ iuid pay based commensurate widi han^^sed degrees of proficiency. 

Incentives for indivhhials n«d to become more missiomfocused and designed so diat top 
performance lea& dicatei^ giowdi. liKentives should rnodvme individ^s to Mve assiptments 
better than they foimd them. Towmd dtat aid, the performance of the mgaiimtitm ac»l individual 
leads should infhtence diose individnals’ future p^otmance reviews. TOO often idvidtial leads 
are so ctmcetned vrith ensming that nodiing “happens on my watch^diat problems are not 
recognized in a dmety &shion. Individual incentives should also be designed to retain 
individuals vrith knowledge mid skills of value to the organization and make ollowmic^ for a 
re 8 S 0 B#!e mnount of coutt^eous risk taking, recognizing that that the occasional ftulures that 
are a mduial outcome of that behavior are far outwei^ed by the potential benefits. 

Comcactor incentivmi also must be considered, as they play an inqrortant role in d» 
organization’s ability to achiei« its objectives. Ciment contract management praoices aeate 
some incentives that run counta to government objectives for these companies, udiichtoi^ are 
mofiifl^ed Imgely by profit, opportimities for change orders, and maintaining barriers to entey. hr 
otfaa cases, the excessive bm^cratic and regulatory environment produces disincentives that 
teed many commercial cmnpanies to refuse to do business vrith the government. White it is clear 
fiiat the contractors must operate in ways that satisfy foeir stakeholders and employees, it should 
also be iwssible to establish incentives that serve both the government mid contractor community 
well — ^incentives that are mission-focused, allow for reasonable profit, reward successful 
content performance, Iowa the barrier to entry for commacial firms, and promote continuous 
innovafion and competition. 

1) EstaWsh carea paths for these IPT PMO team. Many are idoitified in the 25-point plan, 
but I would include foe technical management roles such as Chief Architet and Chief 
Ei^nea since they set technical direction and act as foe teclmlcd pea vrifo foe 
contmcta. 

2) Establish incenfives for program leaders and technical leaders by alipiing foeir 
poformance vrifo mission outcomes, not just program outeomes. Reward prudent risk 
taking and resulte, 

3) Allow contractmg flexibilities to inccntivize contractors in accordance with mission 
outcomes, not just wifo contract delivery. 
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Bsttteg S^ure rr%st«Bs 

A final area of extreme importoee is securing information systems. This should be a critical 
aspect of any investmeSit, and it wimants m^or investments in its own rij^t. AH too often, 
however, security is tegmded as im aftertiiooght, mi <^on. And all too f^^tly, c«cenis 
about system vulneraMitieS are used to justify making less transformational investment mid 
adhering closely to tte states quo-mtaking marginal imjwovements instead of finKlamental 
changes. This reluctance is justified as a concern about the “new technology.” 

I believe that security concerns should not be the reason for not doing somelhii^ new, but rather 
should be a msgor considermion in how to do it successfully. This process starts with the 
mchite^tere and initial investment plan. Defining resilient architectures tiiat not only address 
vulwaabilities but also include the ctqmbilities requited to withstand a breach should be a key 
elcBtent of miy investment. Factoring in security considerations should be, for instance, 
important in itetetmining flie Qqie of cloud environment to adopt and how to architect mid 
opetationali® it. It slwuld not be a deterrent. 

An exanqile of tins case can be found in the 25-pdnt plan’s “cloud-first” policy. Gloud-based 
sttategies provide oppoituruties for efficiencies tinough virtualization, cmnmoditization, and 
p'ovisi^ing of services. However, security issues should be a major consideration in the 
p'Oce^ of deterinining flic type of cioud. From my experience, it is impactantto wm^ tihe 
secmity issues as a key element in the decision about which tqiplicatimis are moved to te cloud 
ami which cloinl miategy is best leveraged to meet te functional needs, deliver efficiencies, and 
potect te dma and applications. We developed, and have shared wiflt many agenci^ mid 
0MB, MITRE’S Cloud Computing Decision Proces ^ — our recommended guidance on how to 
measure and evaluate te trade-offs to make te best cloud decision. Inherent in flus fiameworic, 
and te mtent bdiind it, is the belief that decisions of this nature should recognize and weigh 
bofli risk and benefit 

As an illustration, deploying data and plications to a cloud environment changes an 
organization’s TT security posture. New technologies are introduced into te IT inftastructure 
and responsibility fiir securing systems is shared between te organization amd the cloud service 
providm. Ihese chmiges create both challenges and opportunities. Risks introduced by te new 
technologies are cfaidlenges that must be understood and addressed. The cioud service provider, 
however, is an ally who has both expertise and resources to help address tiiese challmtges. 
Woridng together, tese partners have te opportunity to achieve more secure ^sterns. The 
cloud service provider can address IT infiastructure security, thereby allowing te oiganization 
to ftieus on ptoteting information. 

This is a pic On vriiich te Federal CIO, te CIO Council, and te Congress can provide more 
teadei^p. They should send a clem message that govenunent infoimation teehmilogy 
investments must not only be aligned with busmess needs, deployed tocrementeily, mad managed 


’ presented in 14 Decision l>roceSs for Appfying Cloud Computing in Federal Enwtonments"; 
www.mlwe.om/wgflc/tech p»pers/2QlP/lO toto/cloud federal enylrQnroen.ts.gd( 
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properly within budget and schetfaile, but must idso be ai^uteeted, developed, and operated with 
a clear eye on protecting public aai private da& atid cohdnwng d» erittcd services government 
performs for the public. A maj®r ftrustof this nature vrfll idso represent a transformation in the 
way information technology is ^pted, decoyed, and operated by the federsd goveiwnent 


Summary and Ciostag 

Achieving the resulte expects of Are 25-point plan requires a ii^or tHmsteiffidoB that spans 
many aspects of the fed^ gOvemnmt’s operations. Ifansformaticm suc^eds when culture, 
strategy, vision, jUOCesses, incwives, ^ accountd^ty are aliped ttd rehtfaree One another. 
Moving away ftoift core rigidities fluit prevent die witeiprise i»« bdng as ef&^w as possible 
can only be achieved by chimgtog the way individuals think ^ut dieir roles md how Aey help 
achieve the ov^euching goal of the oiganization. 

John Kote's Harva-d Business Review article “Why Transformation Efforts Fal^ lists the 
mistek® erntpaaes make when attanpting to reengineer thanselves. One of the most common 
etrots is not anchorii^ chrogcs in the orgmiization’s culture. Change ^eks when it becomes “die 
way we do dungs around here,” when it seeps into the bloodstream of die coqjorate kidy. Until 
irew behaviors are rooted in social norms and shared v^ues, they are subject to d^^ratbtion as 
soon as fte pres^e for chai^ is removed. Cultures can change when leaders a 
conqi^Iiag ease for chaise, there is a clear rtuidmap of explicit stq», the roadm^ is 
comistendy communicated to ail stidc^otders, and expectations and accoimtalHlity are 
unambiguous. The 2S-point plan presents this roadmap. 

One of the key attributes of successful commercial cuganizations is the willingness to examine 
how tte firm does its work and to alxuidon processes that consune resources but don’t create 
value for the mission. The federal government, conversely, has a long history of repeatedly 
layming new initiadves on existing processes with a goal of minimizing risk. As a r»ult, 
adiieving IT objectives in the federal govenimeiit is more difficult, t^s longer, and requires too 
many reviews and approvals. To compound this process-heavy environment, the culture of ri^ 
aversion means that “no” is much more likely to be encountered than “yes.” Successfid 
organizations will routinely abandon less valuable activities to increase speed and rediKe cost 
We must imt be reluctant to do the same. 

The many elemrails of the 25-pGint plan reflects two sets of related priorities - adoptit^ new 
feduwlogy foat enables greater efficiency, and establishing an enduring foundation of 
c^mbitities to plan, manage, and execute IT programs more successfttlly. 1 believe the latim’ 
r^reSenra both greatest challenge and the true imperative. From my vant^e point enduring 
change will r^uire the following: 


’. John P. Kot»r,’'L«|idl>® Chan^; Why TransformaUon Efforts Fhfl 'ftomirrf Bustnm ftevtew on Oiange, 
Harvard Business Sdjooi Press, 1998. 
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1) Establi^)ii% IT gowtiunce that includes auflioiities and flexiUlities vtee diey best 
contribute to 4e succ^ ot failure of these progitens without losing teSHtsparency into 
how thete p<»tfolios are performing 

2) Building and empowmq Ingram Mteiagement Offices (PMOs) by incentivizing teid 
professionalizing foe key nuBwgmient and technical roles to motivate people to adopt 
these roles as careers 

3) Defining and building IT ct^bilMes foat are secure and resilient 

Without the oppoitusdtf> authority, and resources to accompli^ these go^, foe succ^ rate in 
adopting new tettetlpgy wiU cotitinue to suffer. I am siq>p<Htive of foe dilution of 2S-point 

plan, as well as ofori* siiaihr action phuts deveh^xd and beii^ itnpleinmted across many 
agencies today. I ma teicoora^ by foe clear interest of tins subcmmnittee is taking st^ te 
codify methofo and operating motkls that we know to be successM and on foe intueas^ 
emphasis on developi^ ite foundation capabilities that endme beyond contemporary solutions. 

I believe if these stqps are t^en, foe promise of foe 25-point plan dm be teaHz^ arfo foe 
(UkHities it lays out will endure. 

1 respectfully request thru my inepared statement be included in foe record, and I would to 
pleased te answer any questions. 
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Post-Hearing Questions for the Record 

Submitted to Vivek Kundra, Federal Chief Information Officer, Office of Management and Budget 
From Senator Claire McCasklll 

Note: Due to the timing of Vivek Kundra's departure, these questions were responded to on his behalf 
by the Office of E-Govemment and Information Technology. 

"Examining the President's Plan for Eliminating Wasteful Spending in Information Technology" 

April 12, 2011 

1. The "25-point plan” recently announced by 0MB to reform the way the federal government 
procures and manages its IT appears to be directly antithetical to the current approach taken by 
GSA. At a time when the government is looking to decrease its costs, eliminate wasteful 
spending, and decrease the project deliverables and completion timelines, it is my understanding 
that GSA has yet to do a comparison/business case as to how a Software-as-a-Service/Cloud 
approach could help achieve the government's goals in this regard. 

a. How does the lAE approach comply with Cloud-first policy? 

The Administration's Ctoud-first policy is intended to accelerate the pace at which the 
government will realize the value of cloud computing by requiring agencies to evaluate safe, 
secure cloud computing options before making any new investments. Under the 25-Point-Plan, 
agencies, including GSA, are migrating three services to the cloud by June 2012; one of these 
migrations must be complete by December 2011. Additionally, as per the Federal Cloud 
Computing Strategy, each agency will re-evaluate its technology sourcing strategy to include 
consideration and application of cloud computing solutions as part of the budget process. 
Consistent with the Cloud First policy, agencies will modify their IT portfolios to fully take 
advantage of the benefits of cloud computing in order to maximize capacity utilization, improve 
IT flexibility and responsiveness, and minimize cost. Agencies such as USDA and GSA have 
centralized disparate email systems, by moving to cloud providers, saving millions of taxpayer 
dollars. 

The investment of $38 million into a System of Award Management (SAM) will allow GSA to 
Improve operating capabilities, eliminate redundancy, increase data accuracy and improve 
agility of the application for future expansion. SAM will consolidate the eight procurement 
systems by consolidating eight databases into one, which will greatly Improve unnecessary 
duplication and redundancy and improve data quality for both the acquisition workforce and the 
public. Specific benefits include: 

• Improving Functionality and Reducing Operations & Maintenance Costs - Due to the age 
and complexity of the eight systems currently supported, It is difficult to make changes 
quickly and making changes to eight systems is costly. In the current state, it Is expensive 
and increasingly more difficult to make changes required by legislation, executive order or 
the Federal Acquisition Regulation (FAR). However, once integration is complete, the cost 
savings will be significant. SAM, a single system versus the current eight systems, will allow 
for more active management and for active competition of support services through the life 
of the integrated system. 
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• Single Login and Data Entry - SAM will result in one online location for data entry that will 
Increase functionality and accessibility for the federal contracting community and interested 
businesses. For example, there will only be one Input for a vendor's name and address, 
which will be used to support multiple functions and appear in multiple reports. A unified 
system will make it possible to have a single log on and single reporting system that enables 
the acquisition workforce and public to retrieve and analyze procurement data and ensure 
accurate data from the vendors who that do business with the federal government. 

• Single Data Source - SAM will enable centralized, normalized data to eliminate potential 
conflicting value when agencies and the public are conducting searches for contract data. 
SAM will simplify and reduce the number of interfaces that each agency must maintain 
thereby also benefitting the vendors who provide agencies with procurement systems. The 
processes that each of the eight systems performs are being analyzed and redundancies will 
be removed resulting in such improvements as the quality of standardized reports. 

• Single Hosting Site - SAM will consolidate hosting for multiple websites. Consistent with the 
Administration's "Cloud First" policy, GSA is deploying an infrastructure as a service cloud 
environment, hosted In a private cloud, which is the definition of cloud computing 
developed by the National Institute for Standards and Technology (NIST). Among other 
things, the definition emphasizes that cloud technologies that are inherently more reliable 
and flexible. The consolidation will also bring immediate benefits from a security and 
accreditation standpoint since each of the systems share common solutions for physical and 
internet security, so one set of documentation/process can be used for all eight systems. 
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2. Both in your oral and written testimony, you highlighted that the present budget process does not 
align well with the “modular" IT development process. Similarly, the process makes the 
duplication, across the federal government, of IT systems more likely. Both modular development 
and reducing the number of duplicative IT systems are two main components of the 
administration's "25 point plan" to reform federal IT spending and management. 

a. Without a change to the budget process how will the implementation of the present plan 
be affected? 

As outlined In the "25 Point Plan", providing agency CIOs with increased budget flexibility (e.g., 
ability to pool bureau-level funds to serve agency-wide purposes, flexibility to transfer funds 
between projects) can improve their ability to consolidate redundant investments and reduce 
the number of duplicative IT systems agency-wide. Furthermore, extending the period of 
availability of funds as part of the broader effort to improve the alignment of the budget process 
with the technology cycle can further the goal of modular development and help to curb 
potentially wasteful year-end spending. 

While such changes to the budget process have the potential to advance key goals for federal IT 
as articulated in the "25 Point Plan," in some instances agencies have existing transfer 
authorities, established revolving funds, and other mechanisms already In place which can be 
used to centralize funding for major IT initiatives, consolidate the acquisition of commodity IT, 
and reduce agency-wide duplication. 0MB continues to work with agencies to maximize their 
use of current authorities and to share management best practices to Improve CIOs' abilities to 
coordinate and optimize management of their IT portfolios. To achieve optimal results. 
Congressional action Is likely required. 

b. How would you reconcile the ability of an agency to make final decisions and/or changes 
to their IT plan at the time of execution with the need for Congressional oversight of 
taxpayers' money? 

As stated in the "25 Point Plan," "information technology should enable government to better 
serve the American people. " Accordingly, agency decisions regarding IT systems should always 
be done with the ultimate aim of providing increased value to the taxpayer. 

With that in mind, in June 2009 the Administration launched the IT Dashboard to allow the 
public to monitor IT investments across the Federal Government. As part of this increased 
transparency into the Federal IT portfolio, the Dashboard makes available details regarding 
rebaselining/replanning activities affecting major IT investments. Details provided include the 
date of the rebaseline/replan and the reason for rebaseline/replan (as provided by the agency). 

Planned enhancements to the IT Dashboard include, for all major investments, the display of 
details regarding component projects and updates to progress on key deliverables at least every 
six months. The release of this information is consistent with the principles of modular 
development and will empower every stakeholder in the oversight process - from the CIO to the 
Congress - to have a more timely impact on improving the results for Federal IT spending. 
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3. One of the areas targeted by the administration's "25 Point Plan" is the lack of properly trained 
and experienced program managers. According to your written testimony 0MB and 0PM have 
worked together to create a new occupational series to recruit the best and brightest project 
managers. 

a. Will the use of private contractors for these positions be an option available to a 
department or agency? If so, has an analysis been performed on the cost of using a 
private contractor in lieu of a federal employee? 

This Program Manager career series was established for Federal employees. In developing a 
career path forthls series, it was envisioned that we would recruit from within and outside 
of the government. 

b. What, if any, incentives are being offered to recruit and retain highly qualified individuals 
as IT project managers? Would an incentive, such as pay banding, be the 

decision of the employing department/agency? 

0PM released the results of a Government-wide competency study in mid-July. The results 
were used to inform the development of new competency model for the program manager 
position. The competency model can be used along with the new Program Manager title to 
create Job opportunity announcements and position descriptions for recruiting IT program 
managers. The competency model will also be useful to agencies in workforce planning 
(e.g., competency gap analyses) to ensure they have staff with the essential competencies 
to effectively perform IT program management work. 

In addition, there is a follow-up effort to supplement the new Program Manager title. 0PM 
Is developing information about typical career paths, suggested training and development 
activities, and other information on IT program management careers to assist agencies and 
employees In fully utilizing the new IT program management title. Finally, the career path 
effort will be a resource agencies can use to grow and develop a pipeline of successful IT 
program managers. The 25 point plan did not investigate any specific pay incentives. 
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* kTtegr tty * ReH> Mtty 

United States Government Accountability Office 
Washington, DC 20548 


July 22, 2011 

The Honorable Claire McCaskill 

Subcommittee on Federal Financial Management, Government Information, Federal 
Services, and International Security 
Committee on Homeland Security and Governmental Affairs 
United States Senate 

Subject: Efforts Underway to Eliminate Wastefui Information Technology (TI^ 
Spending 

Dear Senator McCaskill: 

This letter is in response to questions you sent us following the April 12, 2011, hearing 
on the governance of federal IT investments.* At that hearing, we discussed the Office 
of Management and Budget's (0MB) key efforts to improve oversight and 
management of these investments tlurough the use of the IT Dashboard^ and other 
efforts. Your questions, along with our responses, follow. 

In your written testimony you stated that a March 2011 GA O report stated that 
agencies needed to do more to ensure the IT Dashboard’s data accuracy SpedScaUy, 
you reviewed investments at the Department of Homeland Security (DHS) as well as 
other departments. You found that cost ratings were inaccurate for 6 of 10 selected 
in vestments and schedule ratings were inaccurate for Oof 10. You also found 
weaknesses in agency practices, e.g. uploaded inconsistent or erroneous data, &iled 
to submit data, and/or used unreliable source information. 

(a) Can you briefly explain your endings with respect to DHS? What 

recommendations were given to the departments as a result of your review? 
Since the initial recommendations have you done a follow up review and if so 
what were your endings? 

In March 2011, we reported that the Dashboard ratings for the two DHS investments 
selected for review contained data inaccuracies over a 3-month period. 

• U.S. Citizenship and Immigration Services-Transformation investmentiTne 
Dashboard’s cost and schedule ratings for this investment were inaccurate for all 


'GAO, Information Technology ConCinaed Improvements in investment Oversight and Management 
Can Yield Billions in Savings. GAO-ll-SllT fWashington. D.C.: Apr. 12,2011). 

The IT Dashboard, deployed by 0MB in 20(©, provides detailed information on approximately 800 
major federal IT investments, including assessments of these investments' performance against cost 
and schedule targets. 
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3 months that were evaluated. Cost performance on the Dashboard was reported 
as “red” (i.e., significant concerns) from Jime 2010 through August 2010, whereas 
our analysis of program data showed cost performance as “yellow” (i.e., needs 
attention) for those months. In addition, the investment’s schedule performance, 
as reported on the Dashboard, was “green” (i.e., normal), while our analysis 
showed the performance to be “yellow” for those same months. In other words, 
the investment’s actual cost performance was better than what was reflected in 
the Dashboard, and its actual schedule performance was worse. 

• U.S. Coast Guard-Command, Control, Communications, Computers, Inteliigence, 
Surveillance & Reconnaissance investment: While the Dashboard’s “yellow” cost 
ratings for all 3 months were accurate, the schedule ratings for each of those 
months were inaccurate. Specifically, schedule performance was reported as 
“yellow” in June and July 2010 and “red” in August 2010. In contrast, our analysis 
determined that the performance was “green” in June and July, and “yellow” in 
August, indicating that the investment’s actual schedule performance was better 
than what was reflected on the Dashboard. 

We further reported that the data inaccuracies noted above were attributed to 
weaknesses in the department’s Dashboard reporting practices, as weU as limitations 
in how 0MB calculates the ratings. Specifically, DHS’s Dashboard-data submissions 
were not always provided on a monthly basis; contained errors; and were not 
reflective of the investment’s actual baseline. In addition, OMB’s Dashboard 
calculations lacked a sufficient emphasis on current investment performance. 
Specifically, these calculations combined the performance of ongoing activities with 
completed activities — thus masking recent performance of the department’s 
investments. 

To improve the accuracy of the Dashboard’s performance ratings, we made multiple 
recommendations to DHS and 0MB. We recommended that DHS ensure investment 
data submissions include complete and accurate investment information for all 
required fields and comply with key 0MB Dashboard-related guidance. DHS 
concurred with our recommendations. We also recommended that 0MB develop 
rating calculations that better reflect current investment performance. 0MB 
disagreed with this recommendation, stating in its response that real-time 
performance is always reflected in the ratings since current investment performance 
data are uploaded to the Dashboard on a monthly basis. However, we maintained that 
the issue was not the frequency with which the data were updated, but that the use of 
historical data going back to an investment’s inception could mask more recent 
performance, as our report had shown. 

Since the completion of our review, we have not yet initiated follow-up work on the 
implementation status of our recommendations. 


(b) In your opinion, do you believe the weaknesses in agency practices were 
caused by unclear department processes or on human resources? Did these 
inaccuracies cost the government taxpayer money? If so, howmuch? 

The data inaccuracies described above, such as missing monthly data uploads and 
erroneous data, are a result of the department’s lack of compliance with OMB’s 
guidelines on maintaining data on the Dashboard. However, if DHS fully implements 
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all of our recommendations, the accuracy of the Dashboard ratings for its 
investments should improve. Further, while we do not have specific information 
regarding costs incurred as a result of inaccurate Dashboard reporting, our prior 
work on poorly performing major IT programs’ has shown that the use of inaccurate 
performance data for executive-level decisions contributed to cost overruns that 
could potentially have been avoided. 

Notwithstanding the issues with data accuracy on the Dashboard, this mechanism 
has demonstrated the potential to significantly improve the performance of IT 
investments and reduce unnecessary spending. Through the use of the Dashboard, 
the Federal Chief Information Officer (CIO) has led reviews — known as “TechStat” 
sessions — of selected IT investments involving 0MB and agency leadership to 
improve performance. According to 0MB officials, 58 sessions had been held as of 
December 2010 and resulted in improvements to or termination of IT investments 
with performance problems. For example, the Jime 2010 TechStat session for the 
National Archives and Records Administration’s Electronic Records Archives 
investment resulted in the halting of development funding pending the completion of 
a strategic plan. Further, 0MB identified 26 additional high-priority FT projects and 
coordinated with the cognizemt agencies to develop corrective action plans at future 
TechStat sessions. According to the Federal CIO, OMB’s efforts to improve 
management and oversight of IT investments using this mechanism (i.e., the Techstat 
sessions) and other 0MB management reviews have thus far resulted in $3 billion in 
savings. 

Additionally, our recent and ongoing work has identified other opportunities for 
using the Dashboard to increase operational efficiency and realize significant cost 
savings.’ As part of our first report responding to a statutory requirement that GAO 
identify duplicative goals or activities in the federal government, we reported on the 
potential for further significant savings if 0MB implements plaimed improvements to 
the Dashboard, along with outstanding GAO recommendations. We also have ongoing 
work for this subcommittee to evaluate the data on the Dashboard in order to 
determine the extent to which agencies may be investing in similar projects, as well 
as efforts to identify and act on such duplicative investments. We plan to issue a 
report on this body of work in September 2011. 


Tor example: GAO, Electmnic Records Archives: National Archives Needs to Strengthen Its Capacity 
to Use Earned Value Techniques to Marmge and Oversee Deveiopment, GAO-1 1-86 (Washington, D.C.: 
Jan. 13, 2011); Information Technoiogy. Agencies Need to Improve the Implementation and Use of 
Earned Value Techniques to Heip Manage Mtqor System Acguisitions,(iKO-Vi-2(yiastm:gfan, D.C.: 

Oct. 8, 2009); and Poiar-orblting Operational Environmental Satellites: Restructuring Is Under Way, but 
Technical Challenges and Risla Remain, GAO-07-498 (Washington, D.C.: Apr. 27, 2007). 

*GAO, Opportunities to Reduce Potential Dupiication in Government ITograms, Save Tax Dollars, and 
Enhance Revenue, GAO-11-318SP (Washington, D.C.: Mar. 1, 2011). 


Pages 


VerDate Nov 24 2008 


11:00 Feb 17, 2012 Jkt 067128 PO 00000 


Frm 00117 


Fmt 6601 


Sfmt 6601 


P:\DOCS\67128.TXT JOYCE 



H605-41331-79W7 with DISTILLER 


114 


In responding to these questions, we relied on previously reported information on the 
IT Dashboard. The work supporting this letter was conducted in accordance with 
generally accepted government auditing standards. Those standards require that we 
plan and perform the audit to obtain sufficient, appropriate evidence to provide a 
reasonable basis for our findings and conclusions based on our audit objectives. We 
believe that the evidence obtained provides a reasonable basis for our findings and 
conclusions based on our audit objectives. Should you or your office have any 
questions on matters discussed in this letter, please contact me at (202) 612-6253 or 
willemsseni@gao.gov . 

Sincerely yours. 


iy' 


Joel C. Willemraen 

Managing Director, Information Technology 
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